Trojaner-Board - Skype schreibt automatisch Sachen wie "wassws"

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Skype schreibt automatisch Sachen wie "wassws" (https://www.trojaner-board.de/128010-skype-schreibt-automatisch-sachen-wassws.html)

Skype schreibt automatisch Sachen wie "wassws"

Hallo Trojaner-Board Team,

langsam bin ich mit meinem Latein am Ende und denke, dass noch nie jemand hier dieses Problem hatte.
Ich habe u.a. gegoogelt und habe nichts Ähnliches gefunden, aber ich denke, ich sollte erstmal mein Problem schildern.

Vor ziemlich genau einen Monat chattete ich mit einem Freund per Skype. Ich hatte gerade die Hände an der Kaffeetasse, da bemerkte ich, dass mein Computer von selbst mit meinem Freund schreibt. Die Inhalte davon waren Sachen, aus einem Spiel (Minecraft), wie z.B. "wdwdaswdswddwst" oder irgendwelche Befehle in diesem. Ich weiß auch noch ganz genau, wann ich diese Befehle genutzt hatte und dies war zwei Wochen vor dem her.

Das Ganze fand ich ein bisschen komisch, denn ich hatte sonst nie irgendwelche Probleme, Viren oder Ungereimtheiten. Mein Virenscanner hat nie herumgemeckert.

Also nehme ich mir meine "c't Desinfekt" und die Kaspersky 2012 Notfall CD und lass die beide mal nach Viren, Trojaner, etc. suchen.
Alles ohne Erfolg und somit mache ich mir keine weiteren Gedanken.

Heute aber, als ich wieder mit dem selben Freund schreibe, geschieht das Gleiche wieder.
Der "PC" tippt in ziemlich langsamen Tempo, im Verhältnis zu Zehn-Finger-Schreiben, diese Sachen ("wasssaaswsas") ein.
Ich habe mal gehört, das Skype genauso Befehle mit "/" verwendet wie in Minecraft und klicke deshalb einfach mal in die Kurznotitz.
"Er" tippt weiter, ohne als wenn etwas gewesen wäre.

Alles insgesamt kommt mir extrem faul vor, denn angenommern ein Keylogger wäre auf meinem Pc, welchen Sinn hätte dieser, wenn er es bei Skype hinein schreiben würde?!
Ich kann mir einfach nichts zusammenreimen.

Ich hoffe, dass ich mein Problem verständlich und genau beschrieben habe, dass euch das Thema interresiert und ihr mir helfen könnt.

Danke schonmal im Voraus,

mfg

Jonas

Hallo und :hallo:

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.

Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.
Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.
Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!
Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!
Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.

Mach bitte einen CustomScan mit OTL . Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

hier steht das Log

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Setze oben mittig den Haken bei Scanne alle Benutzer
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die http://billy-oneal.com/Canned%20Spee.../customFix.png Textbox von OTL - wenn OTL auf deutsch ist wird sie mit http://larusso.trojaner-board.de/Images/otlfix.jpg beschriftet

Code:

msconfig

netsvcs

safebootminimal

safebootnetwork

activex

drivers32

%SYSTEMDRIVE%\*.

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMROOT%\system32\drivers\*.sys /lockedfiles

%SYSTEMROOT%\System32\config\*.sav

%SYSTEMROOT%\*. /mp /s

%SYSTEMROOT%\system32\*.dll /lockedfiles

CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf http://billy-oneal.com/Canned%20Spee.../OTL/btnOK.png.
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Eine Vermutung von mir wäre vielleicht noch, dass meine Tastatur (Microsoft SideWinder X4 Tastatur) Makros erstellen kann und die somit auch 1:1 abrufen kann. Es wäre eine Möglichkeit, dass wenn ich etwas bestimmtes an meinen Freund schreibe, ich dieses Makro aktiviere.

Aber hier die Logfile:

OTL Logfile:

Code:

OTL logfile created on: 12.12.2012 22:07:13 - Run 3

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Skywalk3r\Downloads

64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

15,87 Gb Total Physical Memory | 13,48 Gb Available Physical Memory | 84,97% Memory free

31,73 Gb Paging File | 29,11 Gb Available in Paging File | 91,73% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 439,67 Gb Total Space | 293,69 Gb Free Space | 66,80% Space Free | Partition Type: NTFS

Drive E: | 329,75 Gb Total Space | 139,95 Gb Free Space | 42,44% Space Free | Partition Type: NTFS

Drive F: | 100,00 Mb Total Space | 71,86 Mb Free Space | 71,87% Space Free | Partition Type: NTFS

Drive G: | 293,41 Gb Total Space | 157,67 Gb Free Space | 53,74% Space Free | Partition Type: NTFS

 

Computer Name: BOMBERCHEN | User Name: Skywalk3r | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.12.12 21:36:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Skywalk3r\Downloads\OTL.exe

PRC - [2012.11.28 12:45:16 | 001,868,432 | ---- | M] () -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe

PRC - [2012.11.01 08:52:54 | 000,875,728 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe

PRC - [2012.11.01 08:52:52 | 000,877,264 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe

PRC - [2012.11.01 08:52:52 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) -- C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe

PRC - [2012.10.31 19:19:06 | 001,234,848 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe

PRC - [2012.10.31 15:46:38 | 001,467,088 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe

PRC - [2012.03.19 12:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

 

 
 ========== Services (SafeList) ==========

 

SRV:64bit: - [2012.09.28 02:38:16 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

SRV - [2012.12.12 17:58:21 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012.12.09 15:08:43 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012.11.28 12:45:16 | 001,868,432 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)

SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012.11.07 23:37:40 | 002,828,408 | ---- | M] (COMODO) [Auto | Running] -- C:\Programme\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)

SRV - [2012.11.01 08:52:52 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe -- (CLPSLauncher)

SRV - [2012.10.31 15:46:38 | 001,467,088 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe -- (GeekBuddyRSP)

SRV - [2012.04.10 11:17:16 | 000,097,552 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Programme\Sandboxie\SbieSvc.exe -- (SbieSvc)

SRV - [2012.03.19 12:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)

SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009.07.22 09:17:44 | 000,061,976 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\100\Shared\sqladhlp.exe -- (MSSQLServerADHelper100)

SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009.03.30 04:02:56 | 057,617,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS)

SRV - [2009.03.30 04:01:06 | 000,427,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS)

SRV - [2008.07.10 05:31:10 | 000,157,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2012.11.13 19:11:29 | 000,047,240 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd)

DRV:64bit: - [2012.11.13 19:11:20 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rrnetcap.sys -- (RRNetCapMP)

DRV:64bit: - [2012.11.13 19:11:20 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rrnetcap.sys -- (RRNetCap)

DRV:64bit: - [2012.11.07 23:37:58 | 000,022,736 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)

DRV:64bit: - [2012.09.28 03:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)

DRV:64bit: - [2012.09.28 02:12:52 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2012.07.09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2012.05.14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)

DRV:64bit: - [2012.03.15 16:25:50 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)

DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011.10.03 16:41:58 | 000,146,736 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)

DRV:64bit: - [2011.09.02 07:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)

DRV:64bit: - [2011.09.02 07:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)

DRV:64bit: - [2011.09.02 07:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)

DRV:64bit: - [2011.09.02 07:30:02 | 000,032,536 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L8042Kbd.sys -- (L8042Kbd)

DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)

DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)

DRV:64bit: - [2010.10.22 02:00:00 | 000,460,800 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fwlanusb.sys -- (FWLANUSB)

DRV:64bit: - [2010.10.22 02:00:00 | 000,014,120 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject)

DRV:64bit: - [2010.03.09 11:21:42 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV:64bit: - [2009.07.24 19:28:52 | 000,036,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)

DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009.07.14 01:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)

DRV:64bit: - [2009.06.10 21:35:42 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009.03.18 15:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)

DRV:64bit: - [2006.11.06 08:56:30 | 000,030,528 | ---- | M] (Brother Industries Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\brpar64a.sys -- (BrPar)

DRV - [2012.12.04 09:41:28 | 000,037,976 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | System | Stopped] -- C:\Windows\SysWOW64\drivers\CFRMD.sys -- (CFRMD)

DRV - [2012.04.10 11:17:14 | 000,164,528 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Programme\Sandboxie\SbieDrv.sys -- (SbieDrv)

DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-3963389296-900692964-1275611924-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Suche

IE - HKU\S-1-5-21-3963389296-900692964-1275611924-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

IE - HKU\S-1-5-21-3963389296-900692964-1275611924-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = ED E4 A7 24 C5 9F CC 01  [binary data]

IE - HKU\S-1-5-21-3963389296-900692964-1275611924-1001\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No CLSID value found

IE - HKU\S-1-5-21-3963389296-900692964-1275611924-1001\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}

IE - HKU\S-1-5-21-3963389296-900692964-1275611924-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKU\S-1-5-21-3963389296-900692964-1275611924-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647

IE - HKU\S-1-5-21-3963389296-900692964-1275611924-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3963389296-900692964-1275611924-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentBar_DE Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul"

FF - prefs.js..extensions.enabledAddons: %7B64161300-e22b-11db-8314-0800200c9a66%7D:0.9.6.10

FF - prefs.js..extensions.enabledAddons: %7B6AC85730-7D0F-4de0-B3FA-21142DD85326%7D:2.8

FF - prefs.js..extensions.enabledAddons: %7B81BF1D23-5F17-408D-AC6B-BD6DF7CAF670%7D:7.6.0.2

FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0033-ABCDEFFEDCBA%7D:6.0.33

FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0037-ABCDEFFEDCBA%7D:6.0.37

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1

FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&q="

FF - user.js - File not found

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.12.09 15:08:44 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.11.08 11:04:56 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

 

[2011.11.01 07:37:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Skywalk3r\AppData\Roaming\mozilla\Extensions

[2012.12.12 16:54:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Skywalk3r\AppData\Roaming\mozilla\Firefox\Profiles\ybcw8bdb.default\extensions

[2012.08.03 12:57:20 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\Skywalk3r\AppData\Roaming\mozilla\Firefox\Profiles\ybcw8bdb.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}

[2012.11.17 15:35:42 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\Skywalk3r\AppData\Roaming\mozilla\Firefox\Profiles\ybcw8bdb.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}

[2012.10.11 07:58:38 | 000,281,285 | ---- | M] () (No name found) -- C:\Users\Skywalk3r\AppData\Roaming\mozilla\firefox\profiles\ybcw8bdb.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi

[2012.12.12 16:54:06 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\Skywalk3r\AppData\Roaming\mozilla\firefox\profiles\ybcw8bdb.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi

[2012.11.23 14:01:49 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Skywalk3r\AppData\Roaming\mozilla\firefox\profiles\ybcw8bdb.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2011.12.13 19:49:56 | 000,000,931 | ---- | M] () -- C:\Users\Skywalk3r\AppData\Roaming\mozilla\firefox\profiles\ybcw8bdb.default\searchplugins\conduit.xml

[2012.12.09 15:08:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2012.12.09 15:08:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

[2012.12.09 15:08:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

[2012.12.09 15:08:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

[2012.12.09 15:08:44 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2012.06.23 12:24:31 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2012.08.30 10:31:45 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2012.06.23 12:24:31 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2012.06.23 12:24:31 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2012.06.23 12:24:31 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

[2012.06.23 12:24:31 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2012.06.09 18:28:09 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)

O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [IntelliType Pro] c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime File not found

O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [tvncontrol] "C:\Program Files (x86)\Common Files\Comodo\tvnserver.exe" -controlservice -slave File not found

O4 - HKU\S-1-5-21-3963389296-900692964-1275611924-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found

O4 - Startup: C:\Users\Skywalk3r\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Skywalk3r\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-3963389296-900692964-1275611924-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-3963389296-900692964-1275611924-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0

O7 - HKU\S-1-5-21-3963389296-900692964-1275611924-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105 File not found

O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Skywalk3r\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()

O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MIF5BA~1\OFFICE11\EXCEL.EXE/3000 File not found

O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105 File not found

O8 - Extra context menu item: Free YouTube Download - C:\Users\Skywalk3r\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()

O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MIF5BA~1\OFFICE11\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000 File not found

O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)

O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)

O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)

O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{03BBD8F3-6B44-4B97-938E-19B208229B71}: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{03BBD8F3-6B44-4B97-938E-19B208229B71}: NameServer = 8.26.56.26,156.154.70.22

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2038F4DF-E548-4D18-B317-D250937CD209}: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3BE25285-F889-4403-8F03-A27A71328216}: NameServer = 8.26.56.26,156.154.70.22

O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found

O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found

O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18:64bit: - Protocol\Filter\text/xml - No CLSID value found

O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)

O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2012.03.25 19:20:34 | 000,000,066 | ---- | M] () - G:\autostart.bat -- [ NTFS ]

O33 - MountPoints2\{dfff32e5-03f5-11e1-ab7c-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{dfff32e5-03f5-11e1-ab7c-806e6f6e6963}\Shell\AutoRun\command - "" = D:\duden.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scanner Finder.lnk - C:\PROGRA~2\SCANWI~1\SCANNE~1.EXE - ()

MsConfig:64bit - StartUpFolder: C:^Users^Skywalk3r^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Shutdown Assistent.exe -  - File not found

MsConfig:64bit - StartUpReg: AdobeAAMUpdater-1.0 - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

MsConfig:64bit - StartUpReg: BrStsWnd - hkey= - key= -  File not found

MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

MsConfig:64bit - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= -  File not found

MsConfig:64bit - StartUpReg: Malwarebytes' Anti-Malware - hkey= - key= -  File not found

MsConfig:64bit - StartUpReg: PDFPrint - hkey= - key= - C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)

MsConfig:64bit - StartUpReg: SandboxieControl - hkey= - key= - C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)

MsConfig:64bit - StartUpReg: Skype - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)

MsConfig:64bit - StartUpReg: WatchMyCam - hkey= - key= -  File not found

 

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

 

SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

SafeBootMin:64bit: Base - Driver Group

SafeBootMin:64bit: Boot Bus Extender - Driver Group

SafeBootMin:64bit: Boot file system - Driver Group

SafeBootMin:64bit: File system - Driver Group

SafeBootMin:64bit: Filter - Driver Group

SafeBootMin:64bit: HelpSvc - Service

SafeBootMin:64bit: PCI Configuration - Driver Group

SafeBootMin:64bit: PEVSystemStart - Service

SafeBootMin:64bit: PNP Filter - Driver Group

SafeBootMin:64bit: Primary disk - Driver Group

SafeBootMin:64bit: procexp90.Sys - Driver

SafeBootMin:64bit: sacsvr - Service

SafeBootMin:64bit: SCSI Class - Driver Group

SafeBootMin:64bit: System Bus Extender - Driver Group

SafeBootMin:64bit: vmms - Service

SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PEVSystemStart - Service

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: procexp90.Sys - Driver

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vmms - Service

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

SafeBootNet:64bit: Base - Driver Group

SafeBootNet:64bit: Boot Bus Extender - Driver Group

SafeBootNet:64bit: Boot file system - Driver Group

SafeBootNet:64bit: File system - Driver Group

SafeBootNet:64bit: Filter - Driver Group

SafeBootNet:64bit: HelpSvc - Service

SafeBootNet:64bit: Messenger - Service

SafeBootNet:64bit: NDIS Wrapper - Driver Group

SafeBootNet:64bit: NetBIOSGroup - Driver Group

SafeBootNet:64bit: NetDDEGroup - Driver Group

SafeBootNet:64bit: Network - Driver Group

SafeBootNet:64bit: NetworkProvider - Driver Group

SafeBootNet:64bit: PCI Configuration - Driver Group

SafeBootNet:64bit: PEVSystemStart - Service

SafeBootNet:64bit: PNP Filter - Driver Group

SafeBootNet:64bit: PNP_TDI - Driver Group

SafeBootNet:64bit: Primary disk - Driver Group

SafeBootNet:64bit: procexp90.Sys - Driver

SafeBootNet:64bit: rdsessmgr - Service

SafeBootNet:64bit: sacsvr - Service

SafeBootNet:64bit: SCSI Class - Driver Group

SafeBootNet:64bit: Streams Drivers - Driver Group

SafeBootNet:64bit: System Bus Extender - Driver Group

SafeBootNet:64bit: TDI - Driver Group

SafeBootNet:64bit: vmms - Service

SafeBootNet:64bit: WudfUsbccidDriver - Driver

SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PEVSystemStart - Service

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: procexp90.Sys - Driver

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vmms - Service

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework

ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.12.09 15:09:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center

[2012.12.09 15:09:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mouse and Keyboard Center

[2012.12.09 15:08:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

[2012.12.09 12:49:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

[2012.12.09 12:49:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype

[2012.12.07 18:45:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2012.12.07 18:44:58 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2012.12.07 18:44:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes

[2012.12.07 18:44:58 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2012.12.07 18:44:58 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

[2012.12.04 09:41:28 | 000,037,976 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysWow64\drivers\CFRMD.sys

[2012.12.03 16:40:09 | 000,000,000 | ---D | C] -- C:\Users\Skywalk3r\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\POV-Ray for Windows v3.62

[2012.12.03 16:39:32 | 000,000,000 | ---D | C] -- C:\Users\Skywalk3r\Pictures\Documents\POV-Ray

[2012.12.03 16:39:32 | 000,000,000 | ---D | C] -- C:\Users\Skywalk3r\AppData\Roaming\POV-Ray

[2012.12.03 16:27:30 | 000,000,000 | ---D | C] -- C:\Users\Skywalk3r\Desktop\Neuer Ordner (2)

[2012.12.02 18:37:20 | 000,000,000 | ---D | C] -- C:\Users\Skywalk3r\AppData\Roaming\DVDVideoSoftIEHelpers

[2012.12.02 18:37:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft

[2012.12.02 18:36:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft

[2012.12.02 18:36:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft

[2012.11.29 09:59:38 | 000,000,000 | ---D | C] -- C:\Users\Skywalk3r\Desktop\Neuer Ordner

[2012.11.21 07:16:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lazarus

[2012.11.17 15:45:50 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin

[2012.11.17 15:45:29 | 000,000,000 | ---D | C] -- C:\ProgramData\RapidSolution

[2012.11.17 15:45:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 10

[2012.11.17 15:45:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audials

[2012.11.17 15:44:42 | 000,000,000 | ---D | C] -- C:\Users\Skywalk3r\AppData\Local\RapidSolution

[2012.11.17 11:09:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Comodo

[2012.11.17 11:07:15 | 000,000,000 | ---D | C] -- C:\ProgramData\CPA_VA

[2012.11.15 20:19:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO

[2012.11.15 20:18:51 | 000,000,000 | -H-D | C] -- C:\VritualRoot

[2012.11.13 20:02:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo

[2012.11.13 20:02:45 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO

[2012.11.13 20:02:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo

[2012.11.13 20:02:38 | 000,000,000 | ---D | C] -- C:\Users\Skywalk3r\AppData\Local\Comodo

[2012.11.13 20:02:31 | 000,054,024 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll

[2012.11.13 20:02:31 | 000,045,832 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll

[2012.11.13 20:02:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo

[2012.11.13 19:11:29 | 000,047,240 | ---- | C] (RapidSolution Software AG) -- C:\Windows\SysNative\drivers\tbhsd.sys

[2012.11.13 19:11:20 | 000,037,480 | ---- | C] (RapidSolution Software AG) -- C:\Windows\SysNative\drivers\rrnetcap.sys

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.12.12 22:03:59 | 001,148,816 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat

[2012.12.12 21:58:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.12.12 21:27:41 | 000,001,637 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\IRZMJ.nxc

[2012.12.12 21:21:43 | 000,041,134 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\mitmusik.sym

[2012.12.12 21:21:40 | 000,001,366 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\mitmusik.bak

[2012.12.12 21:21:40 | 000,001,366 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\mitmusik - Kopie.nxc

[2012.12.12 19:37:55 | 001,647,500 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\01-The Imperial Marchalt.wav

[2012.12.12 19:21:42 | 000,001,222 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Untitled1.nxc

[2012.12.12 19:21:36 | 000,001,221 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Untitled1.bak

[2012.12.12 19:13:28 | 000,028,669 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Untitled1.sym

[2012.12.12 16:51:39 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.12.12 16:51:39 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.12.12 16:44:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.12.12 16:44:00 | 4187,316,222 | -HS- | M] () -- C:\hiberfil.sys

[2012.12.09 12:49:38 | 000,054,024 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll

[2012.12.09 12:49:38 | 000,045,832 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll

[2012.12.08 19:00:35 | 000,000,432 | ---- | M] () -- C:\Windows\BRWMARK.INI

[2012.12.08 10:57:03 | 000,541,018 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Unbenannt.xcf

[2012.12.08 10:57:03 | 000,001,463 | ---- | M] () -- C:\Users\Skywalk3r\.recently-used.xbel

[2012.12.07 18:45:46 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2012.12.07 18:41:33 | 000,340,761 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Unbenannt.png

[2012.12.07 18:39:19 | 000,051,542 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Maerchen-auf-Eis-und-orientalischer-Wintermarkt_ArtikelQuer.jpg

[2012.12.04 09:41:28 | 000,037,976 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysWow64\drivers\CFRMD.sys

[2012.12.03 16:40:09 | 000,002,317 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\POV-Ray for Windows v3.62.lnk

[2012.12.03 16:25:32 | 000,000,347 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Unbenannzzzzt.png

[2012.12.03 16:19:50 | 000,001,268 | ---- | M] () -- C:\Users\Skywalk3r\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

[2012.12.02 18:45:36 | 001,800,066 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012.12.02 18:45:36 | 000,763,004 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2012.12.02 18:45:36 | 000,718,322 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012.12.02 18:45:36 | 000,173,390 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2012.12.02 18:45:36 | 000,146,344 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012.12.02 18:37:16 | 000,001,239 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\DVDVideoSoft Free Studio.lnk

[2012.12.02 18:37:15 | 000,001,302 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Free YouTube Download.lnk

[2012.11.29 17:45:53 | 015,729,534 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Desktop001.tif

[2012.11.26 17:55:57 | 1724,933,310 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Desktop002.tif

[2012.11.26 17:53:07 | 000,088,296 | ---- | M] () -- C:\Windows\SM_25_W2400.id14

[2012.11.26 17:53:07 | 000,088,296 | ---- | M] () -- C:\Windows\SM_25_D2400.id14

[2012.11.26 17:52:32 | 000,003,822 | ---- | M] () -- C:\Windows\SM_25_W73.id14

[2012.11.26 17:52:32 | 000,003,822 | ---- | M] () -- C:\Windows\SM_25_D73.id14

[2012.11.26 17:46:39 | 000,003,678 | ---- | M] () -- C:\Windows\SM_25_W72.id14

[2012.11.26 17:46:39 | 000,003,678 | ---- | M] () -- C:\Windows\SM_25_D72.id14

[2012.11.26 15:03:24 | 015,246,783 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Bakterienanzahl.exe

[2012.11.23 14:19:48 | 015,523,884 | ---- | M] () -- C:\Users\Skywalk3r\Pictures\Documents\imp.wav

[2012.11.23 14:18:29 | 000,006,070 | ---- | M] () -- C:\Users\Skywalk3r\imp.mscz

[2012.11.23 14:07:16 | 000,004,142 | ---- | M] () -- C:\Users\Skywalk3r\imp.midi

[2012.11.23 14:05:33 | 000,018,748 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Star_Wars__Imperial_March.mid

[2012.11.21 07:16:13 | 000,001,504 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Lazarus.lnk

[2012.11.17 15:45:48 | 000,000,950 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Audials.lnk

[2012.11.17 11:09:07 | 000,002,043 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk

[2012.11.17 11:04:30 | 004,996,096 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2012.11.15 21:20:23 | 005,188,040 | ---- | M] () -- C:\Users\Skywalk3r\02 Duel of the Fates.mp3

[2012.11.13 19:11:29 | 000,047,240 | ---- | M] (RapidSolution Software AG) -- C:\Windows\SysNative\drivers\tbhsd.sys

[2012.11.13 19:11:20 | 000,037,480 | ---- | M] (RapidSolution Software AG) -- C:\Windows\SysNative\drivers\rrnetcap.sys

 
 ========== Files Created - No Company Name ==========

 

[2012.12.12 21:22:59 | 000,001,366 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\mitmusik - Kopie.nxc

[2012.12.12 19:46:03 | 000,041,134 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\mitmusik.sym

[2012.12.12 19:21:57 | 000,001,637 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\IRZMJ.nxc

[2012.12.12 19:21:57 | 000,001,366 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\mitmusik.bak

[2012.12.12 17:02:12 | 000,028,669 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\Untitled1.sym

[2012.12.12 16:50:49 | 000,001,222 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\Untitled1.nxc

[2012.12.12 16:50:49 | 000,001,221 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\Untitled1.bak

[2012.12.08 10:57:03 | 000,001,463 | ---- | C] () -- C:\Users\Skywalk3r\.recently-used.xbel

[2012.12.07 18:55:15 | 000,541,018 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\Unbenannt.xcf

[2012.12.07 18:45:46 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2012.12.03 16:40:09 | 000,002,317 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\POV-Ray for Windows v3.62.lnk

[2012.12.03 16:25:29 | 000,000,347 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\Unbenannzzzzt.png

[2012.12.02 18:37:16 | 000,001,239 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\DVDVideoSoft Free Studio.lnk

[2012.12.02 18:37:15 | 000,001,302 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\Free YouTube Download.lnk

[2012.11.29 12:51:24 | 001,647,500 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\01-The Imperial Marchalt.wav

[2012.11.29 12:46:57 | 003,063,238 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\01-The Imperial March.mp3

[2012.11.26 17:52:55 | 1724,933,310 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\Desktop002.tif

[2012.11.26 17:47:19 | 015,729,534 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\Desktop001.tif

[2012.11.26 17:46:39 | 000,003,678 | ---- | C] () -- C:\Windows\SM_25_W72.id14

[2012.11.26 17:46:39 | 000,003,678 | ---- | C] () -- C:\Windows\SM_25_D72.id14

[2012.11.26 15:05:04 | 015,246,783 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\Bakterienanzahl.exe

[2012.11.23 14:18:29 | 000,006,070 | ---- | C] () -- C:\Users\Skywalk3r\imp.mscz

[2012.11.23 14:18:07 | 015,523,884 | ---- | C] () -- C:\Users\Skywalk3r\Pictures\Documents\imp.wav

[2012.11.23 14:07:15 | 000,004,142 | ---- | C] () -- C:\Users\Skywalk3r\imp.midi

[2012.11.23 14:05:32 | 000,018,748 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\Star_Wars__Imperial_March.mid

[2012.11.21 07:16:13 | 000,001,504 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\Lazarus.lnk

[2012.11.17 15:45:48 | 000,000,950 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\Audials.lnk

[2012.11.17 11:09:07 | 000,002,043 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk

[2012.11.16 01:10:55 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf

[2012.11.16 01:00:03 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf

[2012.11.15 21:19:54 | 005,188,040 | ---- | C] () -- C:\Users\Skywalk3r\02 Duel of the Fates.mp3

[2012.11.13 20:04:33 | 001,148,816 | ---- | C] () -- C:\Windows\SysNative\drivers\sfi.dat

[2012.10.02 10:13:58 | 000,006,817 | ---- | C] () -- C:\Users\Skywalk3r\Linkin Park - Numb.mscz

[2012.09.30 09:28:47 | 000,011,391 | ---- | C] () -- C:\Users\Skywalk3r\Alex Clare - Too Close.mid

[2012.09.30 00:34:49 | 000,011,436 | ---- | C] () -- C:\Users\Skywalk3r\Linkin Park - Numb.mid

[2012.09.30 00:32:23 | 000,085,972 | ---- | C] () -- C:\Users\Skywalk3r\TheKen - In The End.pdf

[2012.09.30 00:30:47 | 000,117,596 | ---- | C] () -- C:\Users\Skywalk3r\Too Close (cc design).pdf

[2012.09.10 11:35:38 | 003,896,797 | ---- | C] () -- C:\Users\Skywalk3r\Too Close .mp3

[2012.09.02 20:05:05 | 051,159,149 | ---- | C] () -- C:\Users\Skywalk3r\AppData\Roaming\.minecraft.rar

[2012.08.31 14:32:01 | 000,000,632 | ---- | C] () -- C:\Windows\Qiii.INI

[2012.08.22 11:37:46 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI

[2012.08.10 19:54:17 | 000,000,975 | ---- | C] () -- C:\Users\Skywalk3r\InterActual Player.lnk

[2012.08.05 18:07:28 | 000,003,248 | ---- | C] () -- C:\Users\Skywalk3r\What i've done jtheiner.mscz

[2012.08.05 00:15:32 | 000,004,879 | ---- | C] () -- C:\Users\Skywalk3r\Blue_Rhapsody.mscz

[2012.08.05 00:11:30 | 000,028,013 | ---- | C] () -- C:\Users\Skywalk3r\What_Ive_Done_-_Linkin_Park.mscz

[2012.07.20 17:49:50 | 000,000,739 | ---- | C] () -- C:\Windows\Debug.ini

[2012.07.20 17:42:09 | 000,001,003 | ---- | C] () -- C:\Users\Skywalk3r\PriMusStandard.lnk

[2012.07.18 17:23:09 | 000,002,368 | ---- | C] () -- C:\Users\Skywalk3r\What I've Done.mscz

[2012.07.18 17:18:13 | 000,001,084 | ---- | C] () -- C:\Users\Skywalk3r\MuseScore.lnk

[2012.07.13 13:42:22 | 000,000,004 | ---- | C] () -- C:\Users\Skywalk3r\AppData\Roaming\steam_md5.dat

[2012.06.11 17:50:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat

[2012.06.11 17:50:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat

[2012.06.09 18:09:11 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe

[2012.06.09 18:09:11 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe

[2012.06.09 18:09:11 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2012.06.09 18:09:11 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2012.06.09 18:09:11 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2012.05.30 20:25:31 | 002,433,307 | ---- | C] () -- C:\Users\Skywalk3r\The Complete Navigation.pdf

[2012.05.14 20:19:18 | 000,393,463 | ---- | C] () -- C:\Users\Skywalk3r\space100.pdf

[2012.05.13 11:24:29 | 000,001,678 | ---- | C] () -- C:\Windows\Sandboxie.ini

[2012.05.02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll

[2012.04.02 16:20:33 | 000,003,584 | ---- | C] () -- C:\Users\Skywalk3r\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012.03.25 17:49:06 | 000,001,126 | ---- | C] () -- C:\Users\Skywalk3r\TmNationsForever spielen.lnk

[2012.03.08 19:06:02 | 000,000,153 | ---- | C] () -- C:\Windows\BRVIDEO.INI

[2012.03.08 19:06:02 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini

[2012.03.08 19:05:41 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI

[2012.03.08 19:05:19 | 000,022,898 | ---- | C] () -- C:\Windows\HL-3040CN.INI

[2012.03.08 19:05:17 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL

[2012.03.08 19:05:17 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI

[2012.03.08 19:04:24 | 000,000,399 | ---- | C] () -- C:\Windows\Brownie.ini

[2012.03.06 14:34:18 | 000,000,289 | ---- | C] () -- C:\Windows\{19789B73-7489-4EE0-8040-6C4DD5C1AF52}_WiseFW.ini

[2012.02.15 19:46:00 | 000,000,035 | ---- | C] () -- C:\Windows\Ulead32.INI

[2012.01.28 20:09:34 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe

[2011.11.13 13:28:48 | 000,007,602 | ---- | C] () -- C:\Users\Skywalk3r\AppData\Local\Resmon.ResmonCfg

[2011.11.11 21:43:02 | 000,001,916 | ---- | C] () -- C:\Users\Skywalk3r\Meine Bilder.lnk

[2011.11.11 21:42:32 | 000,285,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\Onsio.sys

[2011.11.11 21:42:32 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\drivers\Onsreged.sys

[2011.11.10 17:34:45 | 001,777,024 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011.11.01 07:33:25 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

 
 ========== ZeroAccess Check ==========

 

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\SysWow64\wbem\wbemess.dll

 
 ========== LOP Check ==========

 

[2012.11.28 19:39:35 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\.minecraft

[2012.05.08 15:26:51 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\.Nitrous

[2012.08.21 09:10:02 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\.purple

[2012.04.06 12:22:24 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\AntMe

[2012.03.21 22:06:00 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\AtoCC

[2012.12.12 20:36:07 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Audacity

[2012.02.03 19:12:04 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\BL-Soft

[2012.01.21 11:41:31 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Blender Foundation

[2012.09.02 09:26:56 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\CoffeeCup Software

[2012.07.20 17:42:11 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Columbus Soft

[2012.02.05 22:29:14 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

[2012.03.15 16:37:35 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\DAEMON Tools Lite

[2012.12.12 16:45:02 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Dropbox

[2012.12.02 18:37:42 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\DVDVideoSoft

[2012.12.02 18:37:20 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\DVDVideoSoftIEHelpers

[2011.11.22 15:09:25 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\EvaBox

[2012.11.11 22:53:18 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\FileZilla

[2011.11.11 22:39:42 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\FreePDF

[2012.12.08 10:54:15 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\gtk-2.0

[2012.09.12 20:57:59 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\IcoFX2X

[2012.08.11 21:15:46 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\IGC

[2012.03.06 20:07:32 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\ImgBurn

[2012.09.23 13:40:38 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\JoCar Consulting

[2011.11.19 13:09:46 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Leadertech

[2012.02.03 19:29:29 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\MAXON

[2012.03.06 14:35:04 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\mirabyte

[2012.07.18 17:18:14 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\MusE

[2012.09.21 14:19:44 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Notepad++

[2011.12.19 15:42:16 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\OpenOffice.org

[2012.12.03 16:39:32 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\POV-Ray

[2012.02.03 19:33:20 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\RDecke

[2012.04.04 13:26:23 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

[2012.04.19 18:26:30 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\TeamViewer

[2012.10.10 20:56:49 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Teeworlds

[2011.11.15 20:14:22 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Thunderbird

[2012.10.17 08:06:02 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\tipptrainer2

[2012.07.20 19:08:09 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\TS3Client

[2012.02.19 18:38:31 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\ts3overlay

[2011.11.16 15:27:25 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\VOS

[2011.11.18 14:40:27 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\XnView

[2012.02.13 15:56:18 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\yWorks

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 
 < %SYSTEMDRIVE%\*. >

[2012.07.06 18:23:45 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN

[2012.07.31 22:03:36 | 000,000,000 | ---D | M] -- C:\AMD

[2012.06.09 18:34:22 | 000,000,000 | --SD | M] -- C:\ComboFix

[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings

[2011.10.31 20:32:09 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen

[2011.11.11 21:42:30 | 000,000,000 | ---D | M] -- C:\Kpcms

[2012.11.21 07:16:13 | 000,000,000 | ---D | M] -- C:\lazarus

[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs

[2012.10.19 12:56:15 | 000,000,000 | ---D | M] -- C:\plugins

[2012.12.09 15:09:18 | 000,000,000 | R--D | M] -- C:\Program Files

[2012.12.09 16:18:11 | 000,000,000 | R--D | M] -- C:\Program Files (x86)

[2012.12.07 18:44:58 | 000,000,000 | ---D | M] -- C:\ProgramData

[2011.10.31 20:32:10 | 000,000,000 | -HSD | M] -- C:\Programme

[2012.06.09 18:09:07 | 000,000,000 | ---D | M] -- C:\Qoobox

[2011.10.31 20:32:10 | 000,000,000 | ---D | M] -- C:\Recovery

[2012.05.29 00:36:23 | 000,000,000 | R--D | M] -- C:\Sandbox

[2012.12.12 22:08:38 | 000,000,000 | -HSD | M] -- C:\System Volume Information

[2012.07.29 16:18:50 | 000,000,000 | ---D | M] -- C:\tmp

[2011.10.31 20:32:19 | 000,000,000 | R--D | M] -- C:\Users

[2012.11.15 20:18:51 | 000,000,000 | -H-D | M] -- C:\VritualRoot

[2012.10.21 13:22:14 | 000,000,000 | ---D | M] -- C:\VXIPNP

[2012.11.26 17:46:39 | 000,000,000 | ---D | M] -- C:\Windows

 
 < %ALLUSERSPROFILE%\Application Data\*. >

 
 < %ALLUSERSPROFILE%\Application Data\*.exe /s >

 
 < %APPDATA%\*. >

[2012.11.28 19:39:35 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\.minecraft

[2012.05.08 15:26:51 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\.Nitrous

[2012.08.21 09:10:02 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\.purple

[2012.05.13 12:47:30 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Adobe

[2012.04.06 12:22:24 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\AntMe

[2011.11.17 15:51:14 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Apple Computer

[2011.11.01 16:06:56 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\ATI

[2012.03.21 22:06:00 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\AtoCC

[2012.12.12 20:36:07 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Audacity

[2012.02.03 19:12:04 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\BL-Soft

[2012.01.21 11:41:31 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Blender Foundation

[2012.03.08 19:07:12 | 000,000,000 | R--D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Brother

[2012.09.02 09:26:56 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\CoffeeCup Software

[2012.07.20 17:42:11 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Columbus Soft

[2012.02.05 22:29:14 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

[2012.03.15 16:37:35 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\DAEMON Tools Lite

[2012.12.12 16:45:02 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Dropbox

[2012.04.30 22:05:59 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\dvdcss

[2012.12.02 18:37:42 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\DVDVideoSoft

[2012.12.02 18:37:20 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\DVDVideoSoftIEHelpers

[2011.11.22 15:09:25 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\EvaBox

[2012.11.11 22:53:18 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\FileZilla

[2011.11.11 22:39:42 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\FreePDF

[2012.06.04 14:11:12 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Google

[2012.12.08 10:54:15 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\gtk-2.0

[2012.03.30 18:13:01 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Hamachi

[2012.09.12 20:57:59 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\IcoFX2X

[2011.10.31 20:32:33 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Identities

[2012.08.11 21:15:46 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\IGC

[2012.03.06 20:07:32 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\ImgBurn

[2012.09.23 13:40:38 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\JoCar Consulting

[2011.11.19 13:09:46 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Leadertech

[2011.11.19 13:08:49 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Logishrd

[2011.11.19 13:09:49 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Logitech

[2011.11.01 11:10:38 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Macromedia

[2012.05.04 18:07:27 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Malwarebytes

[2012.02.03 19:29:29 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\MAXON

[2011.04.12 08:54:56 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Media Center Programs

[2012.09.02 15:28:40 | 000,000,000 | --SD | M] -- C:\Users\Skywalk3r\AppData\Roaming\Microsoft

[2012.08.13 11:50:23 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Microsoft Corporation

[2012.03.06 14:35:04 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\mirabyte

[2011.11.01 07:44:05 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Mozilla

[2012.07.18 17:18:14 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\MusE

[2012.09.21 14:19:44 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Notepad++

[2011.12.19 15:42:16 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\OpenOffice.org

[2012.12.03 16:39:32 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\POV-Ray

[2012.02.03 19:33:20 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\RDecke

[2012.12.12 19:59:29 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Skype

[2012.04.04 13:26:23 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

[2012.04.19 18:26:30 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\TeamViewer

[2012.10.10 20:56:49 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Teeworlds

[2011.11.15 20:14:22 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\Thunderbird

[2012.10.17 08:06:02 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\tipptrainer2

[2012.07.20 19:08:09 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\TS3Client

[2012.02.19 18:38:31 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\ts3overlay

[2012.04.11 09:13:01 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\vlc

[2011.11.16 15:27:25 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\VOS

[2011.12.15 16:45:32 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\WinRAR

[2011.11.18 14:40:27 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\XnView

[2012.02.13 15:56:18 | 000,000,000 | ---D | M] -- C:\Users\Skywalk3r\AppData\Roaming\yWorks

 
 < %APPDATA%\*.exe /s >

[2012.03.21 22:04:30 | 003,401,385 | ---- | M] (                                                            ) -- C:\Users\Skywalk3r\AppData\Roaming\AtoCC\AtoCC Setup.exe

[2012.05.24 19:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Skywalk3r\AppData\Roaming\Dropbox\bin\Dropbox.exe

[2012.05.24 19:39:24 | 000,872,144 | ---- | M] (Dropbox, Inc.) -- C:\Users\Skywalk3r\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe

[2012.05.24 19:39:56 | 000,177,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\Skywalk3r\AppData\Roaming\Dropbox\bin\Uninstall.exe

[2012.02.05 22:28:27 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Skywalk3r\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe

[2011.12.03 20:01:13 | 000,010,134 | R--- | M] () -- C:\Users\Skywalk3r\AppData\Roaming\Microsoft\Installer\{20B1B020-DEAE-48D1-9960-D4C3185D758B}\Foren.exe

[2011.12.03 20:01:13 | 000,000,766 | R--- | M] () -- C:\Users\Skywalk3r\AppData\Roaming\Microsoft\Installer\{20B1B020-DEAE-48D1-9960-D4C3185D758B}\htmledit.exe

[2011.11.19 13:09:45 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Skywalk3r\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe

[2012.10.17 08:04:57 | 000,025,214 | R--- | M] () -- C:\Users\Skywalk3r\AppData\Roaming\Microsoft\Installer\{7036A07A-FE2A-4920-A944-19B73D16F106}\ARPPRODUCTICON.exe

[2012.10.17 08:04:57 | 000,057,344 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Skywalk3r\AppData\Roaming\Microsoft\Installer\{7036A07A-FE2A-4920-A944-19B73D16F106}\NewShortcut2_7036A07AFE2A4920A94419B73D16F106_1.exe

[2012.10.17 08:04:57 | 000,057,344 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Skywalk3r\AppData\Roaming\Microsoft\Installer\{7036A07A-FE2A-4920-A944-19B73D16F106}\NewShortcut8_7036A07AFE2A4920A94419B73D16F106.exe

[2012.07.31 21:45:49 | 000,088,102 | R--- | M] () -- C:\Users\Skywalk3r\AppData\Roaming\Microsoft\Installer\{B106B636-CAE2-B7BC-2988-3FD21DB1E0C7}\ARPPRODUCTICON.exe

[2012.12.03 16:40:08 | 000,121,334 | R--- | M] () -- C:\Users\Skywalk3r\AppData\Roaming\Microsoft\Installer\{D0CE053E-0E5E-4C12-9BAE-D0F36021E911}\ARPPRODUCTICON.exe

[2012.12.03 16:40:09 | 000,159,744 | R--- | M] (Macrovision Corporation) -- C:\Users\Skywalk3r\AppData\Roaming\Microsoft\Installer\{D0CE053E-0E5E-4C12-9BAE-D0F36021E911}\NewShortcut2_D0CE053E0E5E4C129BAED0F36021E911.exe

[2012.12.03 16:40:08 | 000,159,744 | R--- | M] (Macrovision Corporation) -- C:\Users\Skywalk3r\AppData\Roaming\Microsoft\Installer\{D0CE053E-0E5E-4C12-9BAE-D0F36021E911}\PVEngine.ProgramMe_D0CE053E0E5E4C129BAED0F36021E911.exe

[2009.05.31 19:33:06 | 003,728,200 | ---- | M] (Persistence of Vision Raytracer Pty. Ltd.) -- C:\Users\Skywalk3r\AppData\Roaming\POV-Ray\v3.6\bin\pvengine64.exe

[2011.09.30 01:05:07 | 000,531,456 | ---- | M] () -- C:\Users\Skywalk3r\AppData\Roaming\VOS\Cameyo\%Program Files%\Cameyo\Launcher.exe

[2011.09.30 01:07:07 | 001,307,136 | ---- | M] (Cameyo (cameyo.com)) -- C:\Users\Skywalk3r\AppData\Roaming\VOS\Cameyo\%Program Files%\Cameyo\Loader.exe

[2011.09.30 01:08:09 | 000,896,000 | ---- | M] (Microsoft) -- C:\Users\Skywalk3r\AppData\Roaming\VOS\Cameyo\%Program Files%\Cameyo\PackageEditor.exe

[2011.09.30 01:10:23 | 002,009,088 | ---- | M] (Cameyo (cameyo.com)) -- C:\Users\Skywalk3r\AppData\Roaming\VOS\Cameyo\%Program Files%\Cameyo\Packager.exe

[2011.09.30 01:13:28 | 002,818,560 | ---- | M] (Cameyo (cameyo.com)) -- C:\Users\Skywalk3r\AppData\Roaming\VOS\Cameyo\%Program Files%\Cameyo\Packager64.exe

[2011.09.30 01:05:06 | 000,877,056 | ---- | M] () -- C:\Users\Skywalk3r\AppData\Roaming\VOS\Cameyo\%Program Files%\Cameyo\PkgEdit.exe

 
 < %SYSTEMROOT%\system32\drivers\*.sys /lockedfiles >

 
 < %SYSTEMROOT%\System32\config\*.sav >

 
 < %SYSTEMROOT%\*. /mp /s >

 
 < %SYSTEMROOT%\system32\*.dll /lockedfiles >

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:DED17083
 

< End of report >

:dankeschoen:

Code:

64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{03BBD8F3-6B44-4B97-938E-19B208229B71}: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{03BBD8F3-6B44-4B97-938E-19B208229B71}: NameServer = 8.26.56.26,156.154.70.22

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2038F4DF-E548-4D18-B317-D250937CD209}: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3BE25285-F889-4403-8F03-A27A71328216}: NameServer = 8.26.56.26,156.154.70.22

Warum ein Professional Windows?
Ist das rein zufällig ein Büro-/Firmen-PC? Oder ein Uni-Rechner?

Ich brauchte nicht die ganzen Sachen, die in Home Premium enthalten sind. Warum dann nicht gleich Professional?!
Und nein, es ist kein Firmenrechner.

Zitat:

Ich brauchte nicht die ganzen Sachen, die in Home Premium enthalten sind. Warum dann nicht gleich Professional?!

Diese Aussage klingt irgendwie absurd
Du weißt schon, dass Professional die teurere Version ist weil sie mehr Features hat, die von Firmen meist zwingend benötigt werden?!

Falls du andeuten willst, dass das eine nicht legal erworbene Lizenz ist, lautet die Antwort zu 100% nein!

Ich will einfach nur eine klare Aussage darüber, warum du ein Prefessional hast und diese hab ich immer noch nicht bekommen!
Warum also hast du auf deinem angeblich reinen Privat-PC eine Professional Edition?

Zitat:

Ich brauchte nicht die ganzen Sachen, die in Home Premium enthalten sind.

HomeEdition ist dir zuviel, also gleich mal zu einer Edition greifen die noch mehr Features hat, die man als Privatmensch hinten und vorne nicht braucht?! :lach:

Also, um das jetzt klarzustellen.
Die meisten fertigen Computer haben schon vorinstalliertes Windows HP. Ich habe meinen selber zusammengestellt. Mein alter PC hatte noch XP und deshalb musste ich mir ein Neues zulegen. Schwupp war Weihnachten und mein Dad hat gesagt:" Dann kaufe ich dir 7.". So, dass er Professional nimmt, war mir natürlich egal, denn ich hatte keinen Plan von den Unterschieden. Zu meiner Frage, warum er denn nicht das günstigere genommen hat, meinte er, auf HP seien so viele Sachen drauf, die ich garnicht benötige... und ich denke, er hat 7 noch nicht ganz so vertraut, dass alle alten XP Programme wirklich bei mir dann laufen würden.

Ich persönlich hätte mir jetzt auch HP gekauft, nur weil es günstiger ist und wirklich fast alle Programme dort funktionieren. Aber wenn ich zu dem Zeitpunkt kein Plan davon hatte. :(

Du hast mich darauf erst aufmerksam gemacht, mich darüber richtig mal zu informieren, nachdem du nochmal nachgefragt hast.

So viel zum Thema Professional.

Könnten wir uns aber jetzt, wenn möglich auf mein Problem konzentrieren?! ;)

Zitat:

meinte er, auf HP seien so viele Sachen drauf, die ich garnicht benötige...

Naja, muss man nicht verstehen aber es ist wie es ist...

1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!

Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtg4nzy0ywy5/settings_2012-09-04.png

MBR:

Code:

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software

Run date: 2012-12-14 18:38:18

-----------------------------

18:38:18.402    OS Version: Windows x64 6.1.7601 Service Pack 1

18:38:18.403    Number of processors: 4 586 0x2502

18:38:18.403    ComputerName: BOMBERCHEN  UserName: Skywalk3r

18:38:48.520    Initialize success

18:39:01.241    AVAST engine defs: 12121400

18:39:56.959    Disk 0  \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-4

18:39:56.962    Disk 0 Vendor: ST1500DL003-9VT16L CC31 Size: 1430799MB BusType: 3

18:39:56.966    Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T1L0-8

18:39:56.969    Disk 1 Vendor: WDC_WD10EVDS-63U8B0 01.00A01 Size: 953869MB BusType: 3

18:39:57.000    Disk 1 MBR read successfully

18:39:57.004    Disk 1 MBR scan

18:39:57.013    Disk 1 unknown MBR code

18:39:57.017    Disk 1 Partition 1 80 (A) 07    HPFS/NTFS NTFS       503643 MB offset 2048

18:39:57.044    Disk 1 Partition 2 00     07    HPFS/NTFS NTFS       450220 MB offset 1031469390

18:39:57.080    Disk 1 scanning C:\Windows\system32\drivers

18:40:06.678    Service scanning

18:40:32.361    Modules scanning

18:40:32.372    Disk 1 trace - called modules:

18:40:32.744    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys 

18:40:32.751    1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa800dcb6060]

18:40:32.758    3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa800daa5580]

18:40:32.766    5 ACPI.sys[fffff88000f227a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T1L0-8[0xfffffa800dabc680]

18:40:32.772    Scan finished successfully

18:40:45.696    Disk 1 MBR has been saved successfully to "C:\Users\Skywalk3r\Desktop\MBR.dat"

18:40:45.704    The log file has been saved successfully to "C:\Users\Skywalk3r\Desktop\aswMBR.txt"

TDSS:

Code:

18:41:56.0389 2124  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

18:41:56.0585 2124  ============================================================

18:41:56.0585 2124  Current date / time: 2012/12/14 18:41:56.0585

18:41:56.0585 2124  SystemInfo:

18:41:56.0585 2124  

18:41:56.0585 2124  OS Version: 6.1.7601 ServicePack: 1.0

18:41:56.0585 2124  Product type: Workstation

18:41:56.0585 2124  ComputerName: BOMBERCHEN

18:41:56.0586 2124  UserName: Skywalk3r

18:41:56.0586 2124  Windows directory: C:\Windows

18:41:56.0586 2124  System windows directory: C:\Windows

18:41:56.0586 2124  Running under WOW64

18:41:56.0586 2124  Processor architecture: Intel x64

18:41:56.0586 2124  Number of processors: 4

18:41:56.0586 2124  Page size: 0x1000

18:41:56.0586 2124  Boot type: Normal boot

18:41:56.0586 2124  ============================================================

18:42:03.0212 2124  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

18:42:03.0261 2124  Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

18:42:03.0277 2124  ============================================================

18:42:03.0277 2124  \Device\Harddisk1\DR1:

18:42:03.0277 2124  MBR partitions:

18:42:03.0277 2124  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3D7AD800

18:42:03.0277 2124  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x3D7AF94E, BlocksNum 0x36F56073

18:42:03.0277 2124  \Device\Harddisk0\DR0:

18:42:03.0277 2124  MBR partitions:

18:42:03.0277 2124  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

18:42:03.0277 2124  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x24ACF800

18:42:03.0306 2124  ============================================================

18:42:03.0402 2124  C: <-> \Device\Harddisk1\DR1\Partition2

18:42:03.0473 2124  E: <-> \Device\Harddisk1\DR1\Partition1

18:42:03.0502 2124  F: <-> \Device\Harddisk0\DR0\Partition1

18:42:03.0523 2124  G: <-> \Device\Harddisk0\DR0\Partition2

18:42:03.0523 2124  ============================================================

18:42:03.0523 2124  Initialize success

18:42:03.0523 2124  ============================================================

18:42:16.0343 5028  ============================================================

18:42:16.0343 5028  Scan started

18:42:16.0343 5028  Mode: Manual; SigCheck; TDLFS; 

18:42:16.0343 5028  ============================================================

18:42:20.0105 5028  ================ Scan system memory ========================

18:42:20.0105 5028  System memory - ok

18:42:20.0107 5028  ================ Scan services =============================

18:42:20.0462 5028  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys

18:42:20.0588 5028  1394ohci - ok

18:42:20.0604 5028  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys

18:42:20.0622 5028  ACPI - ok

18:42:20.0649 5028  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys

18:42:20.0731 5028  AcpiPmi - ok

18:42:20.0887 5028  [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

18:42:20.0917 5028  AdobeFlashPlayerUpdateSvc - ok

18:42:20.0976 5028  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys

18:42:21.0014 5028  adp94xx - ok

18:42:21.0075 5028  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys

18:42:21.0107 5028  adpahci - ok

18:42:21.0136 5028  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys

18:42:21.0150 5028  adpu320 - ok

18:42:21.0180 5028  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

18:42:21.0330 5028  AeLookupSvc - ok

18:42:21.0393 5028  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys

18:42:21.0481 5028  AFD - ok

18:42:21.0506 5028  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys

18:42:21.0521 5028  agp440 - ok

18:42:21.0542 5028  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe

18:42:21.0608 5028  ALG - ok

18:42:21.0623 5028  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys

18:42:21.0636 5028  aliide - ok

18:42:21.0718 5028  [ 4C1E3649C89C7D542CD18ECC5210099D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe

18:42:21.0807 5028  AMD External Events Utility - ok

18:42:21.0840 5028  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys

18:42:21.0866 5028  amdide - ok

18:42:21.0915 5028  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys

18:42:21.0957 5028  AmdK8 - ok

18:42:23.0703 5028  [ A3C0A15B39F979E8F3EABA901D72ECD7 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys

18:42:24.0008 5028  amdkmdag - ok

18:42:24.0232 5028  [ 20F3CD38B107C1BD747C0EA37D450165 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys

18:42:24.0323 5028  amdkmdap - ok

18:42:24.0339 5028  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys

18:42:24.0413 5028  AmdPPM - ok

18:42:24.0521 5028  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys

18:42:24.0550 5028  amdsata - ok

18:42:24.0641 5028  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys

18:42:24.0677 5028  amdsbs - ok

18:42:24.0778 5028  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys

18:42:24.0802 5028  amdxata - ok

18:42:24.0874 5028  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys

18:42:26.0181 5028  AppID - ok

18:42:26.0217 5028  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll

18:42:26.0306 5028  AppIDSvc - ok

18:42:26.0339 5028  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll

18:42:26.0399 5028  Appinfo - ok

18:42:26.0562 5028  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

18:42:26.0597 5028  Apple Mobile Device - ok

18:42:26.0660 5028  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll

18:42:26.0715 5028  AppMgmt - ok

18:42:26.0747 5028  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys

18:42:26.0774 5028  arc - ok

18:42:26.0800 5028  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys

18:42:26.0813 5028  arcsas - ok

18:42:26.0933 5028  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

18:42:26.0987 5028  aspnet_state - ok

18:42:27.0016 5028  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

18:42:27.0093 5028  AsyncMac - ok

18:42:27.0109 5028  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys

18:42:27.0121 5028  atapi - ok

18:42:27.0171 5028  [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys

18:42:27.0198 5028  AtiHDAudioService - ok

18:42:27.0243 5028  [ 7E2F5A758F63F80F8B03F889B4E6B19F ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys

18:42:27.0257 5028  AtiHdmiService - ok

18:42:27.0307 5028  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

18:42:27.0370 5028  AudioEndpointBuilder - ok

18:42:27.0379 5028  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll

18:42:27.0418 5028  AudioSrv - ok

18:42:27.0468 5028  [ 1DC2F715792CF33428AD7993ACBD224D ] avmeject        C:\Windows\system32\drivers\avmeject.sys

18:42:27.0492 5028  avmeject - ok

18:42:27.0523 5028  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll

18:42:27.0620 5028  AxInstSV - ok

18:42:27.0665 5028  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys

18:42:27.0733 5028  b06bdrv - ok

18:42:27.0756 5028  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys

18:42:27.0800 5028  b57nd60a - ok

18:42:27.0845 5028  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll

18:42:27.0901 5028  BDESVC - ok

18:42:27.0915 5028  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys

18:42:27.0956 5028  Beep - ok

18:42:28.0048 5028  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll

18:42:28.0143 5028  BFE - ok

18:42:28.0227 5028  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll

18:42:28.0346 5028  BITS - ok

18:42:28.0374 5028  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys

18:42:28.0412 5028  blbdrive - ok

18:42:28.0584 5028  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

18:42:28.0611 5028  Bonjour Service - ok

18:42:28.0677 5028  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

18:42:28.0748 5028  bowser - ok

18:42:28.0792 5028  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys

18:42:28.0844 5028  BrFiltLo - ok

18:42:28.0857 5028  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys

18:42:28.0875 5028  BrFiltUp - ok

18:42:28.0929 5028  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys

18:42:29.0013 5028  BridgeMP - ok

18:42:29.0083 5028  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll

18:42:29.0173 5028  Browser - ok

18:42:29.0226 5028  [ 91EB9C1FC4A4221CA3CCBD864F815C30 ] BrPar           C:\Windows\System32\drivers\BrPar64a.sys

18:42:29.0249 5028  BrPar - ok

18:42:29.0265 5028  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

18:42:29.0344 5028  Brserid - ok

18:42:29.0350 5028  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

18:42:29.0380 5028  BrSerWdm - ok

18:42:29.0383 5028  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

18:42:29.0440 5028  BrUsbMdm - ok

18:42:29.0444 5028  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

18:42:29.0467 5028  BrUsbSer - ok

18:42:29.0498 5028  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys

18:42:29.0517 5028  BTHMODEM - ok

18:42:29.0549 5028  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll

18:42:29.0592 5028  bthserv - ok

18:42:29.0686 5028  catchme - ok

18:42:29.0714 5028  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

18:42:29.0792 5028  cdfs - ok

18:42:29.0836 5028  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

18:42:29.0882 5028  cdrom - ok

18:42:29.0903 5028  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll

18:42:29.0959 5028  CertPropSvc - ok

18:42:29.0973 5028  CFRMD - ok

18:42:29.0987 5028  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys

18:42:30.0003 5028  circlass - ok

18:42:30.0025 5028  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys

18:42:30.0043 5028  CLFS - ok

18:42:30.0138 5028  [ 5724D9ECBF2A378EBF85FDC3BDA01F98 ] CLPSLauncher    C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe

18:42:30.0165 5028  CLPSLauncher - ok

18:42:30.0301 5028  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

18:42:30.0336 5028  clr_optimization_v2.0.50727_32 - ok

18:42:30.0405 5028  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

18:42:30.0436 5028  clr_optimization_v2.0.50727_64 - ok

18:42:30.0556 5028  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

18:42:30.0854 5028  clr_optimization_v4.0.30319_32 - ok

18:42:30.0878 5028  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

18:42:30.0938 5028  clr_optimization_v4.0.30319_64 - ok

18:42:30.0965 5028  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys

18:42:31.0011 5028  CmBatt - ok

18:42:31.0254 5028  [ 65FB5097D9EE7E3A99E932CFA0E4B344 ] cmdAgent        C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

18:42:31.0314 5028  cmdAgent - ok

18:42:31.0363 5028  [ 2D6DC31AA55BFF702519235DEF0DA68E ] cmderd          C:\Windows\system32\DRIVERS\cmderd.sys

18:42:31.0387 5028  cmderd - ok

18:42:31.0536 5028  [ 919ACCC22ABDC1C3CA68326C0E5DEAF9 ] cmdGuard        C:\Windows\system32\DRIVERS\cmdguard.sys

18:42:31.0575 5028  cmdGuard - ok

18:42:31.0603 5028  [ F8FECE0F1D44C4A58778083B00EEADAC ] cmdHlp          C:\Windows\system32\DRIVERS\cmdhlp.sys

18:42:31.0614 5028  cmdHlp - ok

18:42:31.0662 5028  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys

18:42:31.0687 5028  cmdide - ok

18:42:31.0773 5028  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys

18:42:31.0836 5028  CNG - ok

18:42:31.0844 5028  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys

18:42:31.0860 5028  Compbatt - ok

18:42:31.0885 5028  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys

18:42:31.0915 5028  CompositeBus - ok

18:42:31.0932 5028  COMSysApp - ok

18:42:31.0943 5028  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys

18:42:31.0959 5028  crcdisk - ok

18:42:31.0993 5028  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll

18:42:32.0059 5028  CryptSvc - ok

18:42:32.0114 5028  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys

18:42:32.0166 5028  CSC - ok

18:42:32.0202 5028  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll

18:42:32.0256 5028  CscService - ok

18:42:32.0420 5028  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll

18:42:32.0528 5028  DcomLaunch - ok

18:42:32.0598 5028  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll

18:42:32.0660 5028  defragsvc - ok

18:42:32.0684 5028  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

18:42:32.0732 5028  DfsC - ok

18:42:32.0766 5028  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll

18:42:32.0823 5028  Dhcp - ok

18:42:32.0837 5028  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys

18:42:32.0908 5028  discache - ok

18:42:32.0932 5028  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys

18:42:32.0952 5028  Disk - ok

18:42:32.0979 5028  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys

18:42:33.0086 5028  dmvsc - ok

18:42:33.0132 5028  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

18:42:33.0235 5028  Dnscache - ok

18:42:33.0283 5028  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll

18:42:33.0378 5028  dot3svc - ok

18:42:33.0397 5028  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll

18:42:33.0451 5028  DPS - ok

18:42:33.0946 5028  [ 364F0E1D4510E05DC01A1A5E0E957F36 ] DragonUpdater   C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe

18:42:33.0994 5028  DragonUpdater - ok

18:42:34.0060 5028  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

18:42:34.0101 5028  drmkaud - ok

18:42:34.0225 5028  [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys

18:42:34.0250 5028  dtsoftbus01 - ok

18:42:34.0294 5028  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

18:42:34.0330 5028  DXGKrnl - ok

18:42:34.0364 5028  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll

18:42:34.0451 5028  EapHost - ok

18:42:34.0556 5028  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys

18:42:34.0688 5028  ebdrv - ok

18:42:34.0720 5028  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe

18:42:34.0786 5028  EFS - ok

18:42:34.0807 5028  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys

18:42:34.0844 5028  elxstor - ok

18:42:34.0874 5028  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys

18:42:34.0912 5028  ErrDev - ok

18:42:34.0942 5028  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll

18:42:35.0009 5028  EventSystem - ok

18:42:35.0061 5028  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys

18:42:35.0134 5028  exfat - ok

18:42:35.0154 5028  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys

18:42:35.0200 5028  fastfat - ok

18:42:35.0235 5028  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe

18:42:35.0305 5028  Fax - ok

18:42:35.0319 5028  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys

18:42:35.0337 5028  fdc - ok

18:42:35.0358 5028  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll

18:42:35.0431 5028  fdPHost - ok

18:42:35.0444 5028  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll

18:42:35.0530 5028  FDResPub - ok

18:42:35.0543 5028  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

18:42:35.0556 5028  FileInfo - ok

18:42:35.0590 5028  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

18:42:35.0694 5028  Filetrace - ok

18:42:35.0714 5028  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys

18:42:35.0727 5028  flpydisk - ok

18:42:35.0812 5028  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

18:42:35.0849 5028  FltMgr - ok

18:42:35.0965 5028  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll

18:42:36.0060 5028  FontCache - ok

18:42:36.0093 5028  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

18:42:36.0106 5028  FontCache3.0.0.0 - ok

18:42:36.0131 5028  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

18:42:36.0151 5028  FsDepends - ok

18:42:36.0193 5028  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

18:42:36.0219 5028  Fs_Rec - ok

18:42:36.0236 5028  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

18:42:36.0253 5028  fvevol - ok

18:42:36.0295 5028  [ 444534CBA693DD23C1CC589681E01656 ] FWLANUSB        C:\Windows\system32\DRIVERS\fwlanusb.sys

18:42:36.0355 5028  FWLANUSB - ok

18:42:36.0371 5028  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys

18:42:36.0384 5028  gagp30kx - ok

18:42:36.0432 5028  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

18:42:36.0452 5028  GEARAspiWDM - ok

18:42:36.0513 5028  [ 31B5C233933CAF0FB1499F458F04FD9A ] GeekBuddyRSP    C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe

18:42:36.0556 5028  GeekBuddyRSP - ok

18:42:36.0698 5028  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll

18:42:36.0758 5028  gpsvc - ok

18:42:36.0823 5028  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys

18:42:36.0846 5028  hamachi - ok

18:42:36.0861 5028  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

18:42:36.0906 5028  hcw85cir - ok

18:42:36.0951 5028  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

18:42:36.0999 5028  HdAudAddService - ok

18:42:37.0031 5028  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys

18:42:37.0083 5028  HDAudBus - ok

18:42:37.0107 5028  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys

18:42:37.0146 5028  HidBatt - ok

18:42:37.0167 5028  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys

18:42:37.0208 5028  HidBth - ok

18:42:37.0231 5028  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys

18:42:37.0248 5028  HidIr - ok

18:42:37.0298 5028  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll

18:42:37.0382 5028  hidserv - ok

18:42:37.0414 5028  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

18:42:37.0427 5028  HidUsb - ok

18:42:37.0468 5028  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll

18:42:37.0564 5028  hkmsvc - ok

18:42:37.0658 5028  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

18:42:37.0722 5028  HomeGroupListener - ok

18:42:37.0765 5028  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

18:42:37.0815 5028  HomeGroupProvider - ok

18:42:37.0833 5028  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys

18:42:37.0861 5028  HpSAMD - ok

18:42:38.0048 5028  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

18:42:38.0139 5028  HTTP - ok

18:42:38.0157 5028  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

18:42:38.0169 5028  hwpolicy - ok

18:42:38.0187 5028  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys

18:42:38.0200 5028  i8042prt - ok

18:42:38.0252 5028  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

18:42:38.0288 5028  iaStorV - ok

18:42:38.0469 5028  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

18:42:38.0531 5028  IDriverT ( UnsignedFile.Multi.Generic ) - warning

18:42:38.0531 5028  IDriverT - detected UnsignedFile.Multi.Generic (1)

18:42:38.0709 5028  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

18:42:38.0735 5028  idsvc - ok

18:42:38.0759 5028  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys

18:42:38.0771 5028  iirsp - ok

18:42:38.0838 5028  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll

18:42:38.0959 5028  IKEEXT - ok

18:42:39.0037 5028  [ C4E67D3037DC79E39D7136581A947F50 ] inspect         C:\Windows\system32\DRIVERS\inspect.sys

18:42:39.0063 5028  inspect - ok

18:42:39.0199 5028  [ 2B888BBDF6962E608A5E1A1D7A626ADF ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

18:42:39.0252 5028  IntcAzAudAddService - ok

18:42:39.0273 5028  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys

18:42:39.0285 5028  intelide - ok

18:42:39.0312 5028  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

18:42:39.0350 5028  intelppm - ok

18:42:39.0371 5028  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

18:42:39.0448 5028  IPBusEnum - ok

18:42:39.0468 5028  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

18:42:39.0502 5028  IpFilterDriver - ok

18:42:39.0653 5028  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

18:42:39.0722 5028  iphlpsvc - ok

18:42:39.0737 5028  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys

18:42:39.0780 5028  IPMIDRV - ok

18:42:39.0795 5028  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

18:42:39.0847 5028  IPNAT - ok

18:42:39.0940 5028  [ B474C756C13960793C7583B766F904C4 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

18:42:39.0976 5028  iPod Service - ok

18:42:40.0000 5028  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys

18:42:40.0026 5028  IRENUM - ok

18:42:40.0043 5028  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys

18:42:40.0055 5028  isapnp - ok

18:42:40.0162 5028  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys

18:42:40.0208 5028  iScsiPrt - ok

18:42:40.0253 5028  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

18:42:40.0277 5028  kbdclass - ok

18:42:40.0315 5028  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

18:42:40.0353 5028  kbdhid - ok

18:42:40.0398 5028  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe

18:42:40.0425 5028  KeyIso - ok

18:42:40.0456 5028  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

18:42:40.0486 5028  KSecDD - ok

18:42:40.0513 5028  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

18:42:40.0529 5028  KSecPkg - ok

18:42:40.0532 5028  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

18:42:40.0582 5028  ksthunk - ok

18:42:40.0695 5028  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll

18:42:40.0772 5028  KtmRm - ok

18:42:40.0835 5028  [ 7D80A55B6D0C2A54728158E846F4696D ] L8042Kbd        C:\Windows\system32\DRIVERS\L8042Kbd.sys

18:42:40.0860 5028  L8042Kbd - ok

18:42:40.0917 5028  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll

18:42:40.0998 5028  LanmanServer - ok

18:42:41.0079 5028  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

18:42:41.0162 5028  LanmanWorkstation - ok

18:42:41.0199 5028  [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys

18:42:41.0220 5028  LHidFilt - ok

18:42:41.0244 5028  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

18:42:41.0302 5028  lltdio - ok

18:42:41.0333 5028  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll

18:42:41.0388 5028  lltdsvc - ok

18:42:41.0450 5028  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll

18:42:41.0528 5028  lmhosts - ok

18:42:41.0541 5028  [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys

18:42:41.0552 5028  LMouFilt - ok

18:42:41.0586 5028  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys

18:42:41.0599 5028  LSI_FC - ok

18:42:41.0625 5028  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys

18:42:41.0638 5028  LSI_SAS - ok

18:42:41.0646 5028  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys

18:42:41.0658 5028  LSI_SAS2 - ok

18:42:41.0669 5028  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys

18:42:41.0683 5028  LSI_SCSI - ok

18:42:41.0703 5028  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys

18:42:41.0753 5028  luafv - ok

18:42:41.0808 5028  [ 29C733E1DE824670DC9315CFC9BDBCD3 ] LUsbFilt        C:\Windows\system32\Drivers\LUsbFilt.Sys

18:42:41.0832 5028  LUsbFilt - ok

18:42:42.0001 5028  [ 11F714F85530A2BD134074DC30E99FCA ] MDM             C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

18:42:42.0032 5028  MDM - ok

18:42:42.0075 5028  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys

18:42:42.0102 5028  megasas - ok

18:42:42.0128 5028  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys

18:42:42.0144 5028  MegaSR - ok

18:42:42.0174 5028  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll

18:42:42.0246 5028  MMCSS - ok

18:42:42.0284 5028  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys

18:42:42.0359 5028  Modem - ok

18:42:42.0398 5028  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

18:42:42.0435 5028  monitor - ok

18:42:42.0449 5028  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

18:42:42.0464 5028  mouclass - ok

18:42:42.0484 5028  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

18:42:42.0515 5028  mouhid - ok

18:42:42.0532 5028  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

18:42:42.0547 5028  mountmgr - ok

18:42:42.0592 5028  [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

18:42:42.0616 5028  MozillaMaintenance - ok

18:42:42.0633 5028  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys

18:42:42.0651 5028  mpio - ok

18:42:42.0667 5028  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

18:42:42.0711 5028  mpsdrv - ok

18:42:42.0854 5028  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll

18:42:42.0929 5028  MpsSvc - ok

18:42:42.0971 5028  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

18:42:43.0034 5028  MRxDAV - ok

18:42:43.0089 5028  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

18:42:43.0176 5028  mrxsmb - ok

18:42:43.0192 5028  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

18:42:43.0229 5028  mrxsmb10 - ok

18:42:43.0258 5028  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

18:42:43.0274 5028  mrxsmb20 - ok

18:42:43.0301 5028  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys

18:42:43.0313 5028  msahci - ok

18:42:43.0335 5028  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys

18:42:43.0365 5028  msdsm - ok

18:42:43.0383 5028  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe

18:42:43.0413 5028  MSDTC - ok

18:42:43.0436 5028  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

18:42:43.0500 5028  Msfs - ok

18:42:43.0533 5028  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

18:42:43.0568 5028  mshidkmdf - ok

18:42:43.0603 5028  [ 0BBE794E0C54621CFA8ED9B5850BAAAE ] MSHUSBVideo     C:\Windows\system32\Drivers\nx6000.sys

18:42:43.0625 5028  MSHUSBVideo - ok

18:42:43.0639 5028  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

18:42:43.0652 5028  msisadrv - ok

18:42:43.0685 5028  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

18:42:43.0743 5028  MSiSCSI - ok

18:42:43.0746 5028  msiserver - ok

18:42:43.0792 5028  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

18:42:43.0861 5028  MSKSSRV - ok

18:42:43.0913 5028  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

18:42:43.0983 5028  MSPCLOCK - ok

18:42:44.0013 5028  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

18:42:44.0055 5028  MSPQM - ok

18:42:44.0144 5028  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

18:42:44.0177 5028  MsRPC - ok

18:42:44.0181 5028  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys

18:42:44.0194 5028  mssmbios - ok

18:42:44.0286 5028  MSSQL$SQLEXPRESS - ok

18:42:44.0389 5028  [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE

18:42:44.0424 5028  MSSQLServerADHelper100 - ok

18:42:44.0449 5028  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

18:42:44.0508 5028  MSTEE - ok

18:42:44.0531 5028  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys

18:42:44.0543 5028  MTConfig - ok

18:42:44.0564 5028  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys

18:42:44.0576 5028  Mup - ok

18:42:44.0730 5028  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll

18:42:44.0795 5028  napagent - ok

18:42:44.0854 5028  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

18:42:44.0917 5028  NativeWifiP - ok

18:42:44.0980 5028  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys

18:42:45.0048 5028  NDIS - ok

18:42:45.0084 5028  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

18:42:45.0118 5028  NdisCap - ok

18:42:45.0138 5028  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

18:42:45.0172 5028  NdisTapi - ok

18:42:45.0189 5028  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

18:42:45.0223 5028  Ndisuio - ok

18:42:45.0236 5028  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

18:42:45.0285 5028  NdisWan - ok

18:42:45.0310 5028  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

18:42:45.0367 5028  NDProxy - ok

18:42:45.0396 5028  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

18:42:45.0471 5028  NetBIOS - ok

18:42:45.0529 5028  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

18:42:45.0601 5028  NetBT - ok

18:42:45.0620 5028  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe

18:42:45.0633 5028  Netlogon - ok

18:42:45.0684 5028  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll

18:42:45.0757 5028  Netman - ok

18:42:45.0810 5028  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:42:45.0850 5028  NetMsmqActivator - ok

18:42:45.0865 5028  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:42:45.0877 5028  NetPipeActivator - ok

18:42:45.0897 5028  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll

18:42:45.0951 5028  netprofm - ok

18:42:45.0955 5028  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:42:45.0966 5028  NetTcpActivator - ok

18:42:45.0980 5028  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:42:45.0990 5028  NetTcpPortSharing - ok

18:42:46.0010 5028  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys

18:42:46.0022 5028  nfrd960 - ok

18:42:46.0055 5028  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll

18:42:46.0088 5028  NlaSvc - ok

18:42:46.0126 5028  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys

18:42:46.0177 5028  Npfs - ok

18:42:46.0200 5028  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll

18:42:46.0257 5028  nsi - ok

18:42:46.0270 5028  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

18:42:46.0350 5028  nsiproxy - ok

18:42:46.0450 5028  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

18:42:46.0530 5028  Ntfs - ok

18:42:46.0549 5028  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys

18:42:46.0599 5028  Null - ok

18:42:46.0640 5028  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys

18:42:46.0667 5028  nvraid - ok

18:42:46.0734 5028  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys

18:42:46.0781 5028  nvstor - ok

18:42:46.0819 5028  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

18:42:46.0846 5028  nv_agp - ok

18:42:46.0865 5028  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys

18:42:46.0890 5028  ohci1394 - ok

18:42:46.0939 5028  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

18:42:46.0962 5028  ose - ok

18:42:46.0989 5028  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

18:42:47.0048 5028  p2pimsvc - ok

18:42:47.0108 5028  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll

18:42:47.0161 5028  p2psvc - ok

18:42:47.0198 5028  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys

18:42:47.0229 5028  Parport - ok

18:42:47.0273 5028  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys

18:42:47.0298 5028  partmgr - ok

18:42:47.0308 5028  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll

18:42:47.0354 5028  PcaSvc - ok

18:42:47.0414 5028  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys

18:42:47.0459 5028  pci - ok

18:42:47.0484 5028  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys

18:42:47.0498 5028  pciide - ok

18:42:47.0542 5028  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys

18:42:47.0596 5028  pcmcia - ok

18:42:47.0625 5028  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys

18:42:47.0639 5028  pcw - ok

18:42:47.0706 5028  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

18:42:47.0805 5028  PEAUTH - ok

18:42:48.0180 5028  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll

18:42:48.0278 5028  PeerDistSvc - ok

18:42:48.0353 5028  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe

18:42:48.0412 5028  PerfHost - ok

18:42:48.0492 5028  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll

18:42:48.0609 5028  pla - ok

18:42:48.0670 5028  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

18:42:48.0743 5028  PlugPlay - ok

18:42:48.0758 5028  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

18:42:48.0809 5028  PNRPAutoReg - ok

18:42:48.0834 5028  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

18:42:48.0855 5028  PNRPsvc - ok

18:42:48.0878 5028  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

18:42:48.0931 5028  PolicyAgent - ok

18:42:48.0969 5028  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll

18:42:49.0016 5028  Power - ok

18:42:49.0060 5028  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

18:42:49.0135 5028  PptpMiniport - ok

18:42:49.0166 5028  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys

18:42:49.0221 5028  Processor - ok

18:42:49.0266 5028  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll

18:42:49.0339 5028  ProfSvc - ok

18:42:49.0354 5028  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

18:42:49.0374 5028  ProtectedStorage - ok

18:42:49.0389 5028  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

18:42:49.0454 5028  Psched - ok

18:42:49.0718 5028  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys

18:42:49.0789 5028  ql2300 - ok

18:42:49.0811 5028  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys

18:42:49.0824 5028  ql40xx - ok

18:42:49.0887 5028  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll

18:42:49.0936 5028  QWAVE - ok

18:42:49.0969 5028  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

18:42:49.0996 5028  QWAVEdrv - ok

18:42:50.0011 5028  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

18:42:50.0049 5028  RasAcd - ok

18:42:50.0082 5028  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

18:42:50.0133 5028  RasAgileVpn - ok

18:42:50.0152 5028  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll

18:42:50.0198 5028  RasAuto - ok

18:42:50.0202 5028  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

18:42:50.0236 5028  Rasl2tp - ok

18:42:50.0328 5028  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll

18:42:50.0408 5028  RasMan - ok

18:42:50.0433 5028  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

18:42:50.0493 5028  RasPppoe - ok

18:42:50.0537 5028  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

18:42:50.0610 5028  RasSstp - ok

18:42:50.0687 5028  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

18:42:50.0741 5028  rdbss - ok

18:42:50.0762 5028  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys

18:42:50.0805 5028  rdpbus - ok

18:42:50.0826 5028  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

18:42:50.0868 5028  RDPCDD - ok

18:42:50.0928 5028  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys

18:42:50.0990 5028  RDPDR - ok

18:42:51.0015 5028  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

18:42:51.0081 5028  RDPENCDD - ok

18:42:51.0137 5028  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

18:42:51.0194 5028  RDPREFMP - ok

18:42:51.0269 5028  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

18:42:51.0327 5028  RDPWD - ok

18:42:51.0356 5028  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

18:42:51.0381 5028  rdyboost - ok

18:42:51.0406 5028  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll

18:42:51.0478 5028  RemoteAccess - ok

18:42:51.0506 5028  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

18:42:51.0543 5028  RemoteRegistry - ok

18:42:51.0563 5028  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

18:42:51.0615 5028  RpcEptMapper - ok

18:42:51.0646 5028  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe

18:42:51.0671 5028  RpcLocator - ok

18:42:51.0709 5028  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll

18:42:51.0764 5028  RpcSs - ok

18:42:51.0833 5028  [ 2ABD2B3BA2EF0C3BA82284C2A5E28675 ] RRNetCap        C:\Windows\system32\DRIVERS\rrnetcap.sys

18:42:51.0855 5028  RRNetCap - ok

18:42:51.0876 5028  [ 2ABD2B3BA2EF0C3BA82284C2A5E28675 ] RRNetCapMP      C:\Windows\system32\DRIVERS\rrnetcap.sys

18:42:51.0891 5028  RRNetCapMP - ok

18:42:51.0948 5028  [ CD553B8633466A6D1C115812F2619F1F ] RsFx0103        C:\Windows\system32\DRIVERS\RsFx0103.sys

18:42:51.0976 5028  RsFx0103 - ok

18:42:51.0987 5028  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

18:42:52.0024 5028  rspndr - ok

18:42:52.0074 5028  [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys

18:42:52.0107 5028  RTL8167 - ok

18:42:52.0123 5028  RTL8192cu - ok

18:42:52.0138 5028  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys

18:42:52.0170 5028  s3cap - ok

18:42:52.0187 5028  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe

18:42:52.0206 5028  SamSs - ok

18:42:52.0307 5028  [ 0FE05DD9BBF0782E2BBF0977F2034616 ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys

18:42:52.0336 5028  SbieDrv - ok

18:42:52.0356 5028  [ C970C7B2FD2E811525D4578D50B535F5 ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe

18:42:52.0369 5028  SbieSvc - ok

18:42:52.0385 5028  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

18:42:52.0399 5028  sbp2port - ok

18:42:52.0433 5028  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll

18:42:52.0479 5028  SCardSvr - ok

18:42:52.0518 5028  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

18:42:52.0613 5028  scfilter - ok

18:42:52.0855 5028  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll

18:42:52.0930 5028  Schedule - ok

18:42:52.0980 5028  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll

18:42:53.0024 5028  SCPolicySvc - ok

18:42:53.0127 5028  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

18:42:53.0181 5028  SDRSVC - ok

18:42:53.0218 5028  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys

18:42:53.0270 5028  secdrv - ok

18:42:53.0310 5028  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll

18:42:53.0352 5028  seclogon - ok

18:42:53.0433 5028  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll

18:42:53.0536 5028  SENS - ok

18:42:53.0592 5028  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll

18:42:53.0666 5028  SensrSvc - ok

18:42:53.0680 5028  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys

18:42:53.0740 5028  Serenum - ok

18:42:53.0757 5028  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys

18:42:53.0806 5028  Serial - ok

18:42:53.0810 5028  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys

18:42:53.0839 5028  sermouse - ok

18:42:53.0864 5028  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll

18:42:53.0924 5028  SessionEnv - ok

18:42:53.0927 5028  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

18:42:53.0942 5028  sffdisk - ok

18:42:53.0971 5028  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

18:42:54.0036 5028  sffp_mmc - ok

18:42:54.0048 5028  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

18:42:54.0103 5028  sffp_sd - ok

18:42:54.0107 5028  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys

18:42:54.0131 5028  sfloppy - ok

18:42:54.0185 5028  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll

18:42:54.0271 5028  SharedAccess - ok

18:42:54.0338 5028  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

18:42:54.0394 5028  ShellHWDetection - ok

18:42:54.0419 5028  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys

18:42:54.0431 5028  SiSRaid2 - ok

18:42:54.0482 5028  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys

18:42:54.0509 5028  SiSRaid4 - ok

18:42:54.0610 5028  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

18:42:54.0635 5028  SkypeUpdate - ok

18:42:54.0676 5028  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

18:42:54.0749 5028  Smb - ok

18:42:54.0792 5028  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

18:42:54.0828 5028  SNMPTRAP - ok

18:42:54.0842 5028  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys

18:42:54.0855 5028  spldr - ok

18:42:54.0904 5028  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe

18:42:54.0966 5028  Spooler - ok

18:42:55.0154 5028  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe

18:42:55.0337 5028  sppsvc - ok

18:42:55.0353 5028  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

18:42:55.0389 5028  sppuinotify - ok

18:42:55.0429 5028  [ 12E6D95CDE974B131DEFAA44BAB8B056 ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE

18:42:55.0457 5028  SQLAgent$SQLEXPRESS - ok

18:42:55.0524 5028  [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

18:42:55.0554 5028  SQLBrowser - ok

18:42:55.0722 5028  [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

18:42:55.0748 5028  SQLWriter - ok

18:42:55.0918 5028  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys

18:42:55.0994 5028  srv - ok

18:42:56.0075 5028  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

18:42:56.0124 5028  srv2 - ok

18:42:56.0155 5028  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

18:42:56.0180 5028  srvnet - ok

18:42:56.0210 5028  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

18:42:56.0253 5028  SSDPSRV - ok

18:42:56.0344 5028  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll

18:42:56.0443 5028  SstpSvc - ok

18:42:56.0534 5028  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys

18:42:56.0561 5028  stexstor - ok

18:42:56.0635 5028  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll

18:42:56.0703 5028  stisvc - ok

18:42:56.0740 5028  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys

18:42:56.0767 5028  storflt - ok

18:42:56.0790 5028  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll

18:42:56.0847 5028  StorSvc - ok

18:42:56.0860 5028  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys

18:42:56.0876 5028  storvsc - ok

18:42:56.0890 5028  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys

18:42:56.0902 5028  swenum - ok

18:42:56.0926 5028  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll

18:42:56.0967 5028  swprv - ok

18:42:57.0222 5028  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll

18:42:57.0349 5028  SysMain - ok

18:42:57.0394 5028  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

18:42:57.0418 5028  TabletInputService - ok

18:42:57.0433 5028  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll

18:42:57.0483 5028  TapiSrv - ok

18:42:57.0535 5028  [ 048CFE7569D6ADCAB9349BB1A566A79E ] tbhsd           C:\Windows\system32\drivers\tbhsd.sys

18:42:57.0555 5028  tbhsd - ok

18:42:57.0621 5028  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll

18:42:57.0676 5028  TBS - ok

18:42:58.0168 5028  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

18:42:58.0246 5028  Tcpip - ok

18:42:58.0288 5028  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

18:42:58.0323 5028  TCPIP6 - ok

18:42:58.0369 5028  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

18:42:58.0395 5028  tcpipreg - ok

18:42:58.0483 5028  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

18:42:58.0549 5028  TDPIPE - ok

18:42:58.0586 5028  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

18:42:58.0627 5028  TDTCP - ok

18:42:58.0655 5028  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

18:42:58.0699 5028  tdx - ok

18:42:59.0180 5028  [ A4D2CE94B028EF1E437CF4AC3D8FF26C ] TeamViewer7     C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

18:42:59.0237 5028  TeamViewer7 - ok

18:42:59.0293 5028  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys

18:42:59.0321 5028  TermDD - ok

18:42:59.0560 5028  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll

18:42:59.0650 5028  TermService - ok

18:42:59.0677 5028  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll

18:42:59.0719 5028  Themes - ok

18:42:59.0763 5028  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll

18:42:59.0803 5028  THREADORDER - ok

18:42:59.0931 5028  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll

18:43:00.0039 5028  TrkWks - ok

18:43:00.0103 5028  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

18:43:00.0175 5028  TrustedInstaller - ok

18:43:00.0194 5028  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

18:43:00.0273 5028  tssecsrv - ok

18:43:00.0301 5028  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys

18:43:00.0359 5028  TsUsbFlt - ok

18:43:00.0405 5028  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys

18:43:00.0489 5028  TsUsbGD - ok

18:43:00.0523 5028  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

18:43:00.0574 5028  tunnel - ok

18:43:00.0620 5028  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys

18:43:00.0646 5028  uagp35 - ok

18:43:00.0757 5028  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

18:43:00.0866 5028  udfs - ok

18:43:00.0963 5028  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe

18:43:01.0012 5028  UI0Detect - ok

18:43:01.0035 5028  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

18:43:01.0052 5028  uliagpkx - ok

18:43:01.0076 5028  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

18:43:01.0108 5028  umbus - ok

18:43:01.0126 5028  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys

18:43:01.0169 5028  UmPass - ok

18:43:01.0189 5028  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll

18:43:01.0234 5028  UmRdpService - ok

18:43:01.0260 5028  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll

18:43:01.0375 5028  upnphost - ok

18:43:01.0466 5028  [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys

18:43:01.0483 5028  USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning

18:43:01.0483 5028  USBAAPL64 - detected UnsignedFile.Multi.Generic (1)

18:43:01.0536 5028  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys

18:43:01.0568 5028  usbaudio - ok

18:43:01.0620 5028  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

18:43:01.0696 5028  usbccgp - ok

18:43:01.0733 5028  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys

18:43:01.0762 5028  usbcir - ok

18:43:01.0835 5028  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

18:43:01.0879 5028  usbehci - ok

18:43:01.0923 5028  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

18:43:01.0967 5028  usbhub - ok

18:43:01.0986 5028  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys

18:43:02.0004 5028  usbohci - ok

18:43:02.0042 5028  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

18:43:02.0074 5028  usbprint - ok

18:43:02.0114 5028  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys

18:43:02.0145 5028  usbscan - ok

18:43:02.0183 5028  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

18:43:02.0238 5028  USBSTOR - ok

18:43:02.0250 5028  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys

18:43:02.0283 5028  usbuhci - ok

18:43:02.0329 5028  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys

18:43:02.0380 5028  usbvideo - ok

18:43:02.0450 5028  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll

18:43:02.0516 5028  UxSms - ok

18:43:02.0565 5028  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe

18:43:02.0594 5028  VaultSvc - ok

18:43:02.0676 5028  [ 6372EAA7CC0E8A2FC4BE7B3F2DE1ED62 ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys

18:43:02.0698 5028  VBoxDrv - ok

18:43:02.0787 5028  [ B996117F6202464A56901CBC13999FE2 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys

18:43:02.0803 5028  VBoxNetAdp - ok

18:43:02.0813 5028  [ 89835A2F779979F1D545E40F36D737E0 ] VBoxNetFlt      C:\Windows\system32\DRIVERS\VBoxNetFlt.sys

18:43:02.0825 5028  VBoxNetFlt - ok

18:43:02.0855 5028  [ F9BD6CFF0376D1DADDB1CB2F794D9BC7 ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys

18:43:02.0867 5028  VBoxUSBMon - ok

18:43:02.0911 5028  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys

18:43:02.0923 5028  vdrvroot - ok

18:43:03.0014 5028  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe

18:43:03.0072 5028  vds - ok

18:43:03.0106 5028  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

18:43:03.0122 5028  vga - ok

18:43:03.0138 5028  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys

18:43:03.0197 5028  VgaSave - ok

18:43:03.0237 5028  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys

18:43:03.0292 5028  vhdmp - ok

18:43:03.0322 5028  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys

18:43:03.0335 5028  viaide - ok

18:43:03.0458 5028  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys

18:43:03.0508 5028  vmbus - ok

18:43:03.0541 5028  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys

18:43:03.0593 5028  VMBusHID - ok

18:43:03.0626 5028  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys

18:43:03.0686 5028  volmgr - ok

18:43:03.0815 5028  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

18:43:03.0890 5028  volmgrx - ok

18:43:03.0960 5028  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys

18:43:03.0992 5028  volsnap - ok

18:43:04.0066 5028  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys

18:43:04.0091 5028  vsmraid - ok

18:43:04.0278 5028  [ CA64A8838B4674D14BDF88ABA2F253EA ] VSPerfDrv100    C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys

18:43:04.0307 5028  VSPerfDrv100 - ok

18:43:04.0603 5028  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe

18:43:04.0764 5028  VSS - ok

18:43:04.0800 5028  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys

18:43:04.0861 5028  vwifibus - ok

18:43:04.0890 5028  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys

18:43:04.0953 5028  vwififlt - ok

18:43:05.0149 5028  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll

18:43:05.0191 5028  W32Time - ok

18:43:05.0229 5028  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys

18:43:05.0288 5028  WacomPen - ok

18:43:05.0328 5028  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

18:43:05.0378 5028  WANARP - ok

18:43:05.0383 5028  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

18:43:05.0422 5028  Wanarpv6 - ok

18:43:05.0496 5028  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe

18:43:05.0548 5028  wbengine - ok

18:43:05.0562 5028  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

18:43:05.0583 5028  WbioSrvc - ok

18:43:05.0608 5028  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll

18:43:05.0657 5028  wcncsvc - ok

18:43:05.0676 5028  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

18:43:05.0719 5028  WcsPlugInService - ok

18:43:05.0734 5028  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys

18:43:05.0746 5028  Wd - ok

18:43:05.0934 5028  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

18:43:05.0974 5028  Wdf01000 - ok

18:43:06.0016 5028  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll

18:43:06.0122 5028  WdiServiceHost - ok

18:43:06.0127 5028  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll

18:43:06.0147 5028  WdiSystemHost - ok

18:43:06.0217 5028  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll

18:43:06.0312 5028  WebClient - ok

18:43:06.0378 5028  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll

18:43:06.0499 5028  Wecsvc - ok

18:43:06.0542 5028  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

18:43:06.0621 5028  wercplsupport - ok

18:43:06.0651 5028  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll

18:43:06.0703 5028  WerSvc - ok

18:43:06.0724 5028  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

18:43:06.0765 5028  WfpLwf - ok

18:43:06.0788 5028  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

18:43:06.0804 5028  WIMMount - ok

18:43:06.0827 5028  WinDefend - ok

18:43:06.0834 5028  WinHttpAutoProxySvc - ok

18:43:06.0943 5028  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

18:43:07.0002 5028  Winmgmt - ok

18:43:07.0398 5028  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll

18:43:07.0471 5028  WinRM - ok

18:43:07.0559 5028  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys

18:43:07.0605 5028  WinUsb - ok

18:43:07.0668 5028  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll

18:43:07.0727 5028  Wlansvc - ok

18:43:07.0732 5028  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys

18:43:07.0745 5028  WmiAcpi - ok

18:43:07.0792 5028  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

18:43:07.0848 5028  wmiApSrv - ok

18:43:07.0864 5028  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll

18:43:07.0888 5028  WPCSvc - ok

18:43:07.0908 5028  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

18:43:07.0943 5028  WPDBusEnum - ok

18:43:07.0973 5028  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

18:43:08.0007 5028  ws2ifsl - ok

18:43:08.0056 5028  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll

18:43:08.0111 5028  wscsvc - ok

18:43:08.0153 5028  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys

18:43:08.0204 5028  WSDPrintDevice - ok

18:43:08.0211 5028  WSearch - ok

18:43:08.0447 5028  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll

18:43:08.0504 5028  wuauserv - ok

18:43:08.0542 5028  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

18:43:08.0623 5028  WudfPf - ok

18:43:08.0658 5028  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

18:43:08.0683 5028  WUDFRd - ok

18:43:08.0718 5028  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

18:43:08.0748 5028  wudfsvc - ok

18:43:08.0816 5028  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll

18:43:08.0864 5028  WwanSvc - ok

18:43:08.0910 5028  ================ Scan global ===============================

18:43:08.0920 5028  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

18:43:08.0961 5028  [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll

18:43:08.0975 5028  [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll

18:43:09.0004 5028  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

18:43:09.0045 5028  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

18:43:09.0050 5028  [Global] - ok

18:43:09.0051 5028  ================ Scan MBR ==================================

18:43:09.0079 5028  [ 8E734BD7AA1D4F7E9AF58DF495F6CF9E ] \Device\Harddisk1\DR1

18:43:09.0280 5028  \Device\Harddisk1\DR1 ( TDSS File System ) - warning

18:43:09.0280 5028  \Device\Harddisk1\DR1 - detected TDSS File System (1)

18:43:09.0286 5028  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

18:43:09.0512 5028  \Device\Harddisk0\DR0 - ok

18:43:09.0513 5028  ================ Scan VBR ==================================

18:43:09.0517 5028  [ 6C2738E7F7F3B3B7C5F11C0D131734BD ] \Device\Harddisk1\DR1\Partition1

18:43:09.0519 5028  \Device\Harddisk1\DR1\Partition1 - ok

18:43:09.0535 5028  [ 26502E5E709C356C1AF11BBC182DBB12 ] \Device\Harddisk1\DR1\Partition2

18:43:09.0538 5028  \Device\Harddisk1\DR1\Partition2 - ok

18:43:09.0541 5028  [ 79623ABDFBB438E94400FA1022207885 ] \Device\Harddisk0\DR0\Partition1

18:43:09.0543 5028  \Device\Harddisk0\DR0\Partition1 - ok

18:43:09.0547 5028  [ 2DC892443313CE58F1088D5C027A2571 ] \Device\Harddisk0\DR0\Partition2

18:43:09.0549 5028  \Device\Harddisk0\DR0\Partition2 - ok

18:43:09.0550 5028  ============================================================

18:43:09.0550 5028  Scan finished

18:43:09.0550 5028  ============================================================

18:43:09.0562 1576  Detected object count: 3

18:43:09.0562 1576  Actual detected object count: 3

18:44:11.0958 1576  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

18:44:11.0958 1576  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:44:11.0959 1576  USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user

18:44:11.0959 1576  USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:44:11.0959 1576  \Device\Harddisk1\DR1 ( TDSS File System ) - skipped by user

18:44:11.0959 1576  \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip 

18:44:25.0458 2508  Deinitialize success

Code:

\Device\Harddisk1\DR1 ( TDSS File System ) - skipped by user

Diesen Eintrag bitte mit dem TDSS-Killer fixen. Aber bitte nur diesen Eintrag!

Um das zu tun musst du den TDSS-Killer neu starten und einen neuen Scan machen. Wenn du danach die Ergebnisse siehst, stellst du bitte diesen Eintrag auf CURE bzw. DELETE (je nachdem was dir angeboten wird, alle anderen bitte auf SKIP lassen! ) und klickst dann unten rechts auf continue

Starte Windows danach neu und mach wieder ein komplett neues Log mit dem TDSS-Killer. Wie immer wieder in CODE-Tags posten.

Was bedeutet das?

Code:

17:48:37.0712 0776  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

17:48:37.0924 0776  ============================================================

17:48:37.0924 0776  Current date / time: 2012/12/18 17:48:37.0924

17:48:37.0924 0776  SystemInfo:

17:48:37.0924 0776  

17:48:37.0924 0776  OS Version: 6.1.7601 ServicePack: 1.0

17:48:37.0924 0776  Product type: Workstation

17:48:37.0924 0776  ComputerName: BOMBERCHEN

17:48:37.0925 0776  UserName: Skywalk3r

17:48:37.0925 0776  Windows directory: C:\Windows

17:48:37.0925 0776  System windows directory: C:\Windows

17:48:37.0925 0776  Running under WOW64

17:48:37.0925 0776  Processor architecture: Intel x64

17:48:37.0925 0776  Number of processors: 4

17:48:37.0925 0776  Page size: 0x1000

17:48:37.0925 0776  Boot type: Normal boot

17:48:37.0925 0776  ============================================================

17:48:39.0211 0776  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

17:48:39.0230 0776  Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

17:48:39.0238 0776  ============================================================

17:48:39.0238 0776  \Device\Harddisk1\DR1:

17:48:39.0238 0776  MBR partitions:

17:48:39.0238 0776  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3D7AD800

17:48:39.0238 0776  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x3D7AF94E, BlocksNum 0x36F56073

17:48:39.0238 0776  \Device\Harddisk0\DR0:

17:48:39.0238 0776  MBR partitions:

17:48:39.0238 0776  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

17:48:39.0238 0776  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x24ACF800

17:48:39.0285 0776  ============================================================

17:48:39.0322 0776  C: <-> \Device\Harddisk1\DR1\Partition2

17:48:39.0341 0776  E: <-> \Device\Harddisk1\DR1\Partition1

17:48:39.0370 0776  F: <-> \Device\Harddisk0\DR0\Partition1

17:48:39.0376 0776  G: <-> \Device\Harddisk0\DR0\Partition2

17:48:39.0376 0776  ============================================================

17:48:39.0377 0776  Initialize success

17:48:39.0377 0776  ============================================================

17:48:46.0278 4680  ============================================================

17:48:46.0278 4680  Scan started

17:48:46.0278 4680  Mode: Manual; SigCheck; TDLFS; 

17:48:46.0278 4680  ============================================================

17:48:47.0610 4680  ================ Scan system memory ========================

17:48:47.0611 4680  System memory - ok

17:48:47.0611 4680  ================ Scan services =============================

17:48:47.0726 4680  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys

17:48:47.0854 4680  1394ohci - ok

17:48:47.0870 4680  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys

17:48:47.0888 4680  ACPI - ok

17:48:47.0908 4680  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys

17:48:48.0040 4680  AcpiPmi - ok

17:48:48.0303 4680  [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

17:48:48.0328 4680  AdobeFlashPlayerUpdateSvc - ok

17:48:48.0401 4680  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys

17:48:48.0439 4680  adp94xx - ok

17:48:48.0468 4680  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys

17:48:48.0485 4680  adpahci - ok

17:48:48.0492 4680  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys

17:48:48.0507 4680  adpu320 - ok

17:48:48.0524 4680  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

17:48:48.0679 4680  AeLookupSvc - ok

17:48:48.0739 4680  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys

17:48:48.0806 4680  AFD - ok

17:48:48.0825 4680  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys

17:48:48.0842 4680  agp440 - ok

17:48:48.0847 4680  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe

17:48:48.0892 4680  ALG - ok

17:48:48.0898 4680  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys

17:48:48.0910 4680  aliide - ok

17:48:48.0961 4680  [ 4C1E3649C89C7D542CD18ECC5210099D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe

17:48:49.0023 4680  AMD External Events Utility - ok

17:48:49.0027 4680  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys

17:48:49.0039 4680  amdide - ok

17:48:49.0042 4680  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys

17:48:49.0069 4680  AmdK8 - ok

17:48:49.0296 4680  [ A3C0A15B39F979E8F3EABA901D72ECD7 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys

17:48:49.0580 4680  amdkmdag - ok

17:48:49.0624 4680  [ 20F3CD38B107C1BD747C0EA37D450165 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys

17:48:49.0683 4680  amdkmdap - ok

17:48:49.0688 4680  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys

17:48:49.0723 4680  AmdPPM - ok

17:48:49.0757 4680  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys

17:48:49.0773 4680  amdsata - ok

17:48:49.0796 4680  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys

17:48:49.0813 4680  amdsbs - ok

17:48:49.0822 4680  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys

17:48:49.0835 4680  amdxata - ok

17:48:49.0852 4680  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys

17:48:49.0997 4680  AppID - ok

17:48:50.0028 4680  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll

17:48:50.0064 4680  AppIDSvc - ok

17:48:50.0072 4680  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll

17:48:50.0129 4680  Appinfo - ok

17:48:50.0228 4680  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

17:48:50.0250 4680  Apple Mobile Device - ok

17:48:50.0293 4680  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll

17:48:50.0332 4680  AppMgmt - ok

17:48:50.0352 4680  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys

17:48:50.0374 4680  arc - ok

17:48:50.0383 4680  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys

17:48:50.0400 4680  arcsas - ok

17:48:50.0535 4680  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

17:48:50.0600 4680  aspnet_state - ok

17:48:50.0627 4680  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

17:48:50.0709 4680  AsyncMac - ok

17:48:50.0731 4680  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys

17:48:50.0742 4680  atapi - ok

17:48:50.0783 4680  [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys

17:48:50.0798 4680  AtiHDAudioService - ok

17:48:50.0821 4680  [ 7E2F5A758F63F80F8B03F889B4E6B19F ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys

17:48:50.0833 4680  AtiHdmiService - ok

17:48:50.0873 4680  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

17:48:50.0939 4680  AudioEndpointBuilder - ok

17:48:50.0947 4680  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll

17:48:50.0986 4680  AudioSrv - ok

17:48:51.0011 4680  [ 1DC2F715792CF33428AD7993ACBD224D ] avmeject        C:\Windows\system32\drivers\avmeject.sys

17:48:51.0022 4680  avmeject - ok

17:48:51.0045 4680  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll

17:48:51.0133 4680  AxInstSV - ok

17:48:51.0171 4680  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys

17:48:51.0237 4680  b06bdrv - ok

17:48:51.0257 4680  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys

17:48:51.0309 4680  b57nd60a - ok

17:48:51.0334 4680  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll

17:48:51.0382 4680  BDESVC - ok

17:48:51.0393 4680  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys

17:48:51.0432 4680  Beep - ok

17:48:51.0481 4680  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll

17:48:51.0555 4680  BFE - ok

17:48:51.0604 4680  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll

17:48:51.0688 4680  BITS - ok

17:48:51.0699 4680  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys

17:48:51.0723 4680  blbdrive - ok

17:48:51.0817 4680  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

17:48:51.0842 4680  Bonjour Service - ok

17:48:51.0865 4680  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

17:48:51.0895 4680  bowser - ok

17:48:51.0911 4680  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys

17:48:51.0945 4680  BrFiltLo - ok

17:48:51.0966 4680  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys

17:48:51.0981 4680  BrFiltUp - ok

17:48:52.0029 4680  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys

17:48:52.0077 4680  BridgeMP - ok

17:48:52.0110 4680  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll

17:48:52.0159 4680  Browser - ok

17:48:52.0215 4680  [ 91EB9C1FC4A4221CA3CCBD864F815C30 ] BrPar           C:\Windows\System32\drivers\BrPar64a.sys

17:48:52.0238 4680  BrPar - ok

17:48:52.0256 4680  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

17:48:52.0330 4680  Brserid - ok

17:48:52.0344 4680  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

17:48:52.0383 4680  BrSerWdm - ok

17:48:52.0402 4680  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

17:48:52.0440 4680  BrUsbMdm - ok

17:48:52.0443 4680  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

17:48:52.0469 4680  BrUsbSer - ok

17:48:52.0490 4680  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys

17:48:52.0530 4680  BTHMODEM - ok

17:48:52.0571 4680  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll

17:48:52.0607 4680  bthserv - ok

17:48:52.0664 4680  catchme - ok

17:48:52.0680 4680  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

17:48:52.0740 4680  cdfs - ok

17:48:52.0765 4680  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

17:48:52.0797 4680  cdrom - ok

17:48:52.0821 4680  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll

17:48:52.0871 4680  CertPropSvc - ok

17:48:52.0899 4680  CFRMD - ok

17:48:52.0911 4680  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys

17:48:52.0927 4680  circlass - ok

17:48:52.0948 4680  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys

17:48:52.0965 4680  CLFS - ok

17:48:53.0060 4680  [ 5724D9ECBF2A378EBF85FDC3BDA01F98 ] CLPSLauncher    C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe

17:48:53.0072 4680  CLPSLauncher - ok

17:48:53.0106 4680  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

17:48:53.0117 4680  clr_optimization_v2.0.50727_32 - ok

17:48:53.0142 4680  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

17:48:53.0153 4680  clr_optimization_v2.0.50727_64 - ok

17:48:53.0233 4680  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

17:48:53.0333 4680  clr_optimization_v4.0.30319_32 - ok

17:48:53.0356 4680  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

17:48:53.0393 4680  clr_optimization_v4.0.30319_64 - ok

17:48:53.0413 4680  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys

17:48:53.0439 4680  CmBatt - ok

17:48:53.0574 4680  [ 65FB5097D9EE7E3A99E932CFA0E4B344 ] cmdAgent        C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

17:48:53.0627 4680  cmdAgent - ok

17:48:53.0685 4680  [ 2D6DC31AA55BFF702519235DEF0DA68E ] cmderd          C:\Windows\system32\DRIVERS\cmderd.sys

17:48:53.0709 4680  cmderd - ok

17:48:53.0734 4680  [ 919ACCC22ABDC1C3CA68326C0E5DEAF9 ] cmdGuard        C:\Windows\system32\DRIVERS\cmdguard.sys

17:48:53.0758 4680  cmdGuard - ok

17:48:53.0773 4680  [ F8FECE0F1D44C4A58778083B00EEADAC ] cmdHlp          C:\Windows\system32\DRIVERS\cmdhlp.sys

17:48:53.0784 4680  cmdHlp - ok

17:48:53.0811 4680  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys

17:48:53.0823 4680  cmdide - ok

17:48:53.0859 4680  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys

17:48:53.0889 4680  CNG - ok

17:48:53.0892 4680  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys

17:48:53.0904 4680  Compbatt - ok

17:48:53.0931 4680  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys

17:48:53.0967 4680  CompositeBus - ok

17:48:53.0983 4680  COMSysApp - ok

17:48:53.0997 4680  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys

17:48:54.0009 4680  crcdisk - ok

17:48:54.0059 4680  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll

17:48:54.0127 4680  CryptSvc - ok

17:48:54.0158 4680  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys

17:48:54.0215 4680  CSC - ok

17:48:54.0249 4680  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll

17:48:54.0307 4680  CscService - ok

17:48:54.0353 4680  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll

17:48:54.0440 4680  DcomLaunch - ok

17:48:54.0476 4680  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll

17:48:54.0530 4680  defragsvc - ok

17:48:54.0551 4680  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

17:48:54.0596 4680  DfsC - ok

17:48:54.0621 4680  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll

17:48:54.0667 4680  Dhcp - ok

17:48:54.0677 4680  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys

17:48:54.0721 4680  discache - ok

17:48:54.0743 4680  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys

17:48:54.0756 4680  Disk - ok

17:48:54.0780 4680  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys

17:48:54.0834 4680  dmvsc - ok

17:48:54.0853 4680  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

17:48:54.0891 4680  Dnscache - ok

17:48:54.0904 4680  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll

17:48:54.0960 4680  dot3svc - ok

17:48:54.0975 4680  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll

17:48:55.0029 4680  DPS - ok

17:48:55.0235 4680  [ 1CBFEB6B8169C35A8B2D0E43131BA63D ] DragonUpdater   C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe

17:48:55.0286 4680  DragonUpdater - ok

17:48:55.0322 4680  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

17:48:55.0349 4680  drmkaud - ok

17:48:55.0398 4680  [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys

17:48:55.0423 4680  dtsoftbus01 - ok

17:48:55.0459 4680  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

17:48:55.0484 4680  DXGKrnl - ok

17:48:55.0496 4680  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll

17:48:55.0545 4680  EapHost - ok

17:48:55.0660 4680  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys

17:48:55.0800 4680  ebdrv - ok

17:48:55.0831 4680  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe

17:48:55.0876 4680  EFS - ok

17:48:55.0897 4680  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys

17:48:55.0918 4680  elxstor - ok

17:48:55.0928 4680  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys

17:48:55.0955 4680  ErrDev - ok

17:48:55.0985 4680  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll

17:48:56.0043 4680  EventSystem - ok

17:48:56.0060 4680  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys

17:48:56.0098 4680  exfat - ok

17:48:56.0117 4680  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys

17:48:56.0166 4680  fastfat - ok

17:48:56.0200 4680  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe

17:48:56.0241 4680  Fax - ok

17:48:56.0258 4680  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys

17:48:56.0271 4680  fdc - ok

17:48:56.0291 4680  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll

17:48:56.0326 4680  fdPHost - ok

17:48:56.0333 4680  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll

17:48:56.0377 4680  FDResPub - ok

17:48:56.0399 4680  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

17:48:56.0411 4680  FileInfo - ok

17:48:56.0415 4680  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

17:48:56.0467 4680  Filetrace - ok

17:48:56.0486 4680  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys

17:48:56.0499 4680  flpydisk - ok

17:48:56.0517 4680  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

17:48:56.0533 4680  FltMgr - ok

17:48:56.0587 4680  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll

17:48:56.0640 4680  FontCache - ok

17:48:56.0675 4680  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

17:48:56.0686 4680  FontCache3.0.0.0 - ok

17:48:56.0695 4680  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

17:48:56.0709 4680  FsDepends - ok

17:48:56.0748 4680  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

17:48:56.0773 4680  Fs_Rec - ok

17:48:56.0804 4680  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

17:48:56.0842 4680  fvevol - ok

17:48:56.0869 4680  [ 444534CBA693DD23C1CC589681E01656 ] FWLANUSB        C:\Windows\system32\DRIVERS\fwlanusb.sys

17:48:56.0922 4680  FWLANUSB - ok

17:48:56.0937 4680  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys

17:48:56.0950 4680  gagp30kx - ok

17:48:56.0991 4680  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

17:48:57.0011 4680  GEARAspiWDM - ok

17:48:57.0077 4680  [ 31B5C233933CAF0FB1499F458F04FD9A ] GeekBuddyRSP    C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe

17:48:57.0113 4680  GeekBuddyRSP - ok

17:48:57.0150 4680  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll

17:48:57.0194 4680  gpsvc - ok

17:48:57.0223 4680  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys

17:48:57.0233 4680  hamachi - ok

17:48:57.0236 4680  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

17:48:57.0272 4680  hcw85cir - ok

17:48:57.0305 4680  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

17:48:57.0340 4680  HdAudAddService - ok

17:48:57.0375 4680  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys

17:48:57.0413 4680  HDAudBus - ok

17:48:57.0430 4680  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys

17:48:57.0456 4680  HidBatt - ok

17:48:57.0474 4680  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys

17:48:57.0507 4680  HidBth - ok

17:48:57.0521 4680  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys

17:48:57.0537 4680  HidIr - ok

17:48:57.0542 4680  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll

17:48:57.0588 4680  hidserv - ok

17:48:57.0613 4680  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

17:48:57.0626 4680  HidUsb - ok

17:48:57.0634 4680  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll

17:48:57.0687 4680  hkmsvc - ok

17:48:57.0711 4680  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

17:48:57.0743 4680  HomeGroupListener - ok

17:48:57.0775 4680  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

17:48:57.0826 4680  HomeGroupProvider - ok

17:48:57.0844 4680  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys

17:48:57.0865 4680  HpSAMD - ok

17:48:57.0982 4680  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

17:48:58.0120 4680  HTTP - ok

17:48:58.0134 4680  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

17:48:58.0146 4680  hwpolicy - ok

17:48:58.0159 4680  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys

17:48:58.0173 4680  i8042prt - ok

17:48:58.0203 4680  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

17:48:58.0222 4680  iaStorV - ok

17:48:58.0291 4680  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

17:48:58.0300 4680  IDriverT ( UnsignedFile.Multi.Generic ) - warning

17:48:58.0300 4680  IDriverT - detected UnsignedFile.Multi.Generic (1)

17:48:58.0340 4680  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

17:48:58.0379 4680  idsvc - ok

17:48:58.0392 4680  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys

17:48:58.0404 4680  iirsp - ok

17:48:58.0434 4680  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll

17:48:58.0490 4680  IKEEXT - ok

17:48:58.0550 4680  [ C4E67D3037DC79E39D7136581A947F50 ] inspect         C:\Windows\system32\DRIVERS\inspect.sys

17:48:58.0569 4680  inspect - ok

17:48:58.0654 4680  [ 2B888BBDF6962E608A5E1A1D7A626ADF ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

17:48:58.0705 4680  IntcAzAudAddService - ok

17:48:58.0711 4680  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys

17:48:58.0723 4680  intelide - ok

17:48:58.0734 4680  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

17:48:58.0762 4680  intelppm - ok

17:48:58.0782 4680  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

17:48:58.0831 4680  IPBusEnum - ok

17:48:58.0853 4680  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

17:48:58.0888 4680  IpFilterDriver - ok

17:48:58.0924 4680  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

17:48:58.0966 4680  iphlpsvc - ok

17:48:58.0985 4680  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys

17:48:59.0012 4680  IPMIDRV - ok

17:48:59.0030 4680  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

17:48:59.0076 4680  IPNAT - ok

17:48:59.0148 4680  [ B474C756C13960793C7583B766F904C4 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

17:48:59.0166 4680  iPod Service - ok

17:48:59.0179 4680  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys

17:48:59.0215 4680  IRENUM - ok

17:48:59.0236 4680  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys

17:48:59.0248 4680  isapnp - ok

17:48:59.0265 4680  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys

17:48:59.0282 4680  iScsiPrt - ok

17:48:59.0301 4680  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

17:48:59.0314 4680  kbdclass - ok

17:48:59.0331 4680  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

17:48:59.0360 4680  kbdhid - ok

17:48:59.0376 4680  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe

17:48:59.0389 4680  KeyIso - ok

17:48:59.0422 4680  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

17:48:59.0451 4680  KSecDD - ok

17:48:59.0474 4680  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

17:48:59.0488 4680  KSecPkg - ok

17:48:59.0511 4680  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

17:48:59.0560 4680  ksthunk - ok

17:48:59.0606 4680  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll

17:48:59.0688 4680  KtmRm - ok

17:48:59.0765 4680  [ 7D80A55B6D0C2A54728158E846F4696D ] L8042Kbd        C:\Windows\system32\DRIVERS\L8042Kbd.sys

17:48:59.0788 4680  L8042Kbd - ok

17:48:59.0817 4680  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll

17:48:59.0887 4680  LanmanServer - ok

17:48:59.0912 4680  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

17:48:59.0956 4680  LanmanWorkstation - ok

17:48:59.0980 4680  [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys

17:48:59.0992 4680  LHidFilt - ok

17:49:00.0021 4680  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

17:49:00.0074 4680  lltdio - ok

17:49:00.0099 4680  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll

17:49:00.0155 4680  lltdsvc - ok

17:49:00.0183 4680  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll

17:49:00.0231 4680  lmhosts - ok

17:49:00.0252 4680  [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys

17:49:00.0263 4680  LMouFilt - ok

17:49:00.0290 4680  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys

17:49:00.0303 4680  LSI_FC - ok

17:49:00.0317 4680  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys

17:49:00.0330 4680  LSI_SAS - ok

17:49:00.0340 4680  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys

17:49:00.0353 4680  LSI_SAS2 - ok

17:49:00.0365 4680  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys

17:49:00.0378 4680  LSI_SCSI - ok

17:49:00.0403 4680  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys

17:49:00.0453 4680  luafv - ok

17:49:00.0515 4680  [ 29C733E1DE824670DC9315CFC9BDBCD3 ] LUsbFilt        C:\Windows\system32\Drivers\LUsbFilt.Sys

17:49:00.0537 4680  LUsbFilt - ok

17:49:00.0701 4680  [ 11F714F85530A2BD134074DC30E99FCA ] MDM             C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

17:49:00.0732 4680  MDM - ok

17:49:00.0743 4680  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys

17:49:00.0756 4680  megasas - ok

17:49:00.0767 4680  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys

17:49:00.0784 4680  MegaSR - ok

17:49:00.0796 4680  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll

17:49:00.0846 4680  MMCSS - ok

17:49:00.0868 4680  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys

17:49:00.0920 4680  Modem - ok

17:49:00.0953 4680  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

17:49:00.0995 4680  monitor - ok

17:49:01.0012 4680  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

17:49:01.0027 4680  mouclass - ok

17:49:01.0121 4680  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

17:49:01.0225 4680  mouhid - ok

17:49:01.0266 4680  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

17:49:01.0291 4680  mountmgr - ok

17:49:01.0329 4680  [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

17:49:01.0350 4680  MozillaMaintenance - ok

17:49:01.0359 4680  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys

17:49:01.0378 4680  mpio - ok

17:49:01.0390 4680  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

17:49:01.0425 4680  mpsdrv - ok

17:49:01.0451 4680  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll

17:49:01.0495 4680  MpsSvc - ok

17:49:01.0504 4680  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

17:49:01.0539 4680  MRxDAV - ok

17:49:01.0566 4680  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

17:49:01.0598 4680  mrxsmb - ok

17:49:01.0614 4680  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

17:49:01.0649 4680  mrxsmb10 - ok

17:49:01.0680 4680  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

17:49:01.0694 4680  mrxsmb20 - ok

17:49:01.0697 4680  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys

17:49:01.0709 4680  msahci - ok

17:49:01.0726 4680  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys

17:49:01.0740 4680  msdsm - ok

17:49:01.0744 4680  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe

17:49:01.0768 4680  MSDTC - ok

17:49:01.0791 4680  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

17:49:01.0841 4680  Msfs - ok

17:49:01.0860 4680  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

17:49:01.0895 4680  mshidkmdf - ok

17:49:01.0924 4680  [ 0BBE794E0C54621CFA8ED9B5850BAAAE ] MSHUSBVideo     C:\Windows\system32\Drivers\nx6000.sys

17:49:01.0934 4680  MSHUSBVideo - ok

17:49:01.0951 4680  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

17:49:01.0962 4680  msisadrv - ok

17:49:01.0985 4680  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

17:49:02.0023 4680  MSiSCSI - ok

17:49:02.0027 4680  msiserver - ok

17:49:02.0054 4680  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

17:49:02.0112 4680  MSKSSRV - ok

17:49:02.0115 4680  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

17:49:02.0160 4680  MSPCLOCK - ok

17:49:02.0178 4680  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

17:49:02.0213 4680  MSPQM - ok

17:49:02.0231 4680  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

17:49:02.0249 4680  MsRPC - ok

17:49:02.0264 4680  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys

17:49:02.0277 4680  mssmbios - ok

17:49:02.0351 4680  MSSQL$SQLEXPRESS - ok

17:49:02.0416 4680  [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE

17:49:02.0435 4680  MSSQLServerADHelper100 - ok

17:49:02.0443 4680  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

17:49:02.0481 4680  MSTEE - ok

17:49:02.0485 4680  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys

17:49:02.0498 4680  MTConfig - ok

17:49:02.0509 4680  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys

17:49:02.0521 4680  Mup - ok

17:49:02.0550 4680  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll

17:49:02.0591 4680  napagent - ok

17:49:02.0628 4680  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

17:49:02.0684 4680  NativeWifiP - ok

17:49:02.0757 4680  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys

17:49:02.0799 4680  NDIS - ok

17:49:02.0802 4680  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

17:49:02.0838 4680  NdisCap - ok

17:49:02.0861 4680  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

17:49:02.0896 4680  NdisTapi - ok

17:49:02.0905 4680  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

17:49:02.0940 4680  Ndisuio - ok

17:49:02.0959 4680  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

17:49:03.0007 4680  NdisWan - ok

17:49:03.0021 4680  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

17:49:03.0068 4680  NDProxy - ok

17:49:03.0085 4680  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

17:49:03.0135 4680  NetBIOS - ok

17:49:03.0157 4680  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

17:49:03.0195 4680  NetBT - ok

17:49:03.0209 4680  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe

17:49:03.0223 4680  Netlogon - ok

17:49:03.0260 4680  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll

17:49:03.0346 4680  Netman - ok

17:49:03.0392 4680  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

17:49:03.0426 4680  NetMsmqActivator - ok

17:49:03.0450 4680  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

17:49:03.0472 4680  NetPipeActivator - ok

17:49:03.0486 4680  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll

17:49:03.0544 4680  netprofm - ok

17:49:03.0547 4680  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

17:49:03.0558 4680  NetTcpActivator - ok

17:49:03.0561 4680  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

17:49:03.0573 4680  NetTcpPortSharing - ok

17:49:03.0576 4680  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys

17:49:03.0588 4680  nfrd960 - ok

17:49:03.0619 4680  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll

17:49:03.0667 4680  NlaSvc - ok

17:49:03.0682 4680  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys

17:49:03.0724 4680  Npfs - ok

17:49:03.0734 4680  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll

17:49:03.0780 4680  nsi - ok

17:49:03.0799 4680  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

17:49:03.0845 4680  nsiproxy - ok

17:49:03.0906 4680  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

17:49:03.0990 4680  Ntfs - ok

17:49:04.0004 4680  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys

17:49:04.0054 4680  Null - ok

17:49:04.0080 4680  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys

17:49:04.0094 4680  nvraid - ok

17:49:04.0130 4680  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys

17:49:04.0145 4680  nvstor - ok

17:49:04.0164 4680  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

17:49:04.0178 4680  nv_agp - ok

17:49:04.0194 4680  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys

17:49:04.0223 4680  ohci1394 - ok

17:49:04.0292 4680  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

17:49:04.0315 4680  ose - ok

17:49:04.0345 4680  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

17:49:04.0402 4680  p2pimsvc - ok

17:49:04.0410 4680  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll

17:49:04.0433 4680  p2psvc - ok

17:49:04.0451 4680  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys

17:49:04.0481 4680  Parport - ok

17:49:04.0506 4680  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys

17:49:04.0518 4680  partmgr - ok

17:49:04.0530 4680  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll

17:49:04.0560 4680  PcaSvc - ok

17:49:04.0591 4680  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys

17:49:04.0605 4680  pci - ok

17:49:04.0617 4680  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys

17:49:04.0629 4680  pciide - ok

17:49:04.0639 4680  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys

17:49:04.0654 4680  pcmcia - ok

17:49:04.0670 4680  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys

17:49:04.0682 4680  pcw - ok

17:49:04.0697 4680  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

17:49:04.0757 4680  PEAUTH - ok

17:49:04.0814 4680  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll

17:49:04.0890 4680  PeerDistSvc - ok

17:49:04.0946 4680  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe

17:49:04.0980 4680  PerfHost - ok

17:49:05.0048 4680  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll

17:49:05.0134 4680  pla - ok

17:49:05.0179 4680  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

17:49:05.0233 4680  PlugPlay - ok

17:49:05.0247 4680  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

17:49:05.0271 4680  PNRPAutoReg - ok

17:49:05.0289 4680  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

17:49:05.0304 4680  PNRPsvc - ok

17:49:05.0336 4680  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

17:49:05.0412 4680  PolicyAgent - ok

17:49:05.0447 4680  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll

17:49:05.0493 4680  Power - ok

17:49:05.0516 4680  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

17:49:05.0553 4680  PptpMiniport - ok

17:49:05.0568 4680  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys

17:49:05.0598 4680  Processor - ok

17:49:05.0632 4680  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll

17:49:05.0693 4680  ProfSvc - ok

17:49:05.0709 4680  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

17:49:05.0735 4680  ProtectedStorage - ok

17:49:05.0757 4680  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

17:49:05.0819 4680  Psched - ok

17:49:05.0865 4680  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys

17:49:05.0903 4680  ql2300 - ok

17:49:05.0913 4680  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys

17:49:05.0927 4680  ql40xx - ok

17:49:05.0953 4680  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll

17:49:05.0974 4680  QWAVE - ok

17:49:05.0990 4680  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

17:49:06.0008 4680  QWAVEdrv - ok

17:49:06.0014 4680  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

17:49:06.0049 4680  RasAcd - ok

17:49:06.0073 4680  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

17:49:06.0108 4680  RasAgileVpn - ok

17:49:06.0119 4680  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll

17:49:06.0165 4680  RasAuto - ok

17:49:06.0184 4680  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

17:49:06.0220 4680  Rasl2tp - ok

17:49:06.0238 4680  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll

17:49:06.0277 4680  RasMan - ok

17:49:06.0299 4680  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

17:49:06.0346 4680  RasPppoe - ok

17:49:06.0366 4680  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

17:49:06.0431 4680  RasSstp - ok

17:49:06.0453 4680  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

17:49:06.0490 4680  rdbss - ok

17:49:06.0506 4680  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys

17:49:06.0536 4680  rdpbus - ok

17:49:06.0550 4680  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

17:49:06.0584 4680  RDPCDD - ok

17:49:06.0601 4680  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys

17:49:06.0623 4680  RDPDR - ok

17:49:06.0635 4680  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

17:49:06.0686 4680  RDPENCDD - ok

17:49:06.0691 4680  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

17:49:06.0725 4680  RDPREFMP - ok

17:49:06.0758 4680  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

17:49:06.0804 4680  RDPWD - ok

17:49:06.0823 4680  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

17:49:06.0853 4680  rdyboost - ok

17:49:06.0884 4680  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll

17:49:06.0965 4680  RemoteAccess - ok

17:49:06.0995 4680  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

17:49:07.0049 4680  RemoteRegistry - ok

17:49:07.0063 4680  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

17:49:07.0116 4680  RpcEptMapper - ok

17:49:07.0142 4680  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe

17:49:07.0181 4680  RpcLocator - ok

17:49:07.0207 4680  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll

17:49:07.0250 4680  RpcSs - ok

17:49:07.0289 4680  [ 2ABD2B3BA2EF0C3BA82284C2A5E28675 ] RRNetCap        C:\Windows\system32\DRIVERS\rrnetcap.sys

17:49:07.0299 4680  RRNetCap - ok

17:49:07.0302 4680  [ 2ABD2B3BA2EF0C3BA82284C2A5E28675 ] RRNetCapMP      C:\Windows\system32\DRIVERS\rrnetcap.sys

17:49:07.0312 4680  RRNetCapMP - ok

17:49:07.0356 4680  [ CD553B8633466A6D1C115812F2619F1F ] RsFx0103        C:\Windows\system32\DRIVERS\RsFx0103.sys

17:49:07.0381 4680  RsFx0103 - ok

17:49:07.0398 4680  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

17:49:07.0440 4680  rspndr - ok

17:49:07.0481 4680  [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys

17:49:07.0499 4680  RTL8167 - ok

17:49:07.0517 4680  RTL8192cu - ok

17:49:07.0541 4680  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys

17:49:07.0568 4680  s3cap - ok

17:49:07.0587 4680  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe

17:49:07.0602 4680  SamSs - ok

17:49:07.0680 4680  [ 0FE05DD9BBF0782E2BBF0977F2034616 ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys

17:49:07.0708 4680  SbieDrv - ok

17:49:07.0723 4680  [ C970C7B2FD2E811525D4578D50B535F5 ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe

17:49:07.0738 4680  SbieSvc - ok

17:49:07.0752 4680  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

17:49:07.0770 4680  sbp2port - ok

17:49:07.0789 4680  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll

17:49:07.0835 4680  SCardSvr - ok

17:49:07.0848 4680  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

17:49:07.0899 4680  scfilter - ok

17:49:07.0939 4680  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll

17:49:08.0018 4680  Schedule - ok

17:49:08.0044 4680  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll

17:49:08.0077 4680  SCPolicySvc - ok

17:49:08.0094 4680  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

17:49:08.0138 4680  SDRSVC - ok

17:49:08.0151 4680  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys

17:49:08.0202 4680  secdrv - ok

17:49:08.0221 4680  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll

17:49:08.0255 4680  seclogon - ok

17:49:08.0277 4680  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll

17:49:08.0327 4680  SENS - ok

17:49:08.0348 4680  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll

17:49:08.0366 4680  SensrSvc - ok

17:49:08.0389 4680  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys

17:49:08.0416 4680  Serenum - ok

17:49:08.0436 4680  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys

17:49:08.0482 4680  Serial - ok

17:49:08.0502 4680  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys

17:49:08.0541 4680  sermouse - ok

17:49:08.0571 4680  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll

17:49:08.0635 4680  SessionEnv - ok

17:49:08.0648 4680  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

17:49:08.0669 4680  sffdisk - ok

17:49:08.0673 4680  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

17:49:08.0700 4680  sffp_mmc - ok

17:49:08.0703 4680  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

17:49:08.0722 4680  sffp_sd - ok

17:49:08.0725 4680  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys

17:49:08.0739 4680  sfloppy - ok

17:49:08.0785 4680  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll

17:49:08.0864 4680  SharedAccess - ok

17:49:08.0884 4680  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

17:49:08.0998 4680  ShellHWDetection - ok

17:49:09.0039 4680  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys

17:49:09.0052 4680  SiSRaid2 - ok

17:49:09.0077 4680  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys

17:49:09.0137 4680  SiSRaid4 - ok

17:49:09.0234 4680  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

17:49:09.0248 4680  SkypeUpdate - ok

17:49:09.0266 4680  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

17:49:09.0320 4680  Smb - ok

17:49:09.0346 4680  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

17:49:09.0375 4680  SNMPTRAP - ok

17:49:09.0397 4680  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys

17:49:09.0409 4680  spldr - ok

17:49:09.0462 4680  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe

17:49:09.0505 4680  Spooler - ok

17:49:09.0575 4680  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe

17:49:09.0716 4680  sppsvc - ok

17:49:09.0730 4680  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

17:49:09.0766 4680  sppuinotify - ok

17:49:09.0817 4680  [ 12E6D95CDE974B131DEFAA44BAB8B056 ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE

17:49:09.0843 4680  SQLAgent$SQLEXPRESS - ok

17:49:09.0919 4680  [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

17:49:09.0941 4680  SQLBrowser - ok

17:49:09.0986 4680  [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

17:49:10.0012 4680  SQLWriter - ok

17:49:10.0038 4680  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys

17:49:10.0105 4680  srv - ok

17:49:10.0129 4680  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

17:49:10.0172 4680  srv2 - ok

17:49:10.0187 4680  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

17:49:10.0202 4680  srvnet - ok

17:49:10.0231 4680  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

17:49:10.0269 4680  SSDPSRV - ok

17:49:10.0277 4680  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll

17:49:10.0317 4680  SstpSvc - ok

17:49:10.0328 4680  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys

17:49:10.0340 4680  stexstor - ok

17:49:10.0384 4680  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll

17:49:10.0431 4680  stisvc - ok

17:49:10.0462 4680  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys

17:49:10.0488 4680  storflt - ok

17:49:10.0511 4680  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll

17:49:10.0568 4680  StorSvc - ok

17:49:10.0596 4680  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys

17:49:10.0614 4680  storvsc - ok

17:49:10.0619 4680  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys

17:49:10.0631 4680  swenum - ok

17:49:10.0655 4680  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll

17:49:10.0697 4680  swprv - ok

17:49:10.0755 4680  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll

17:49:10.0846 4680  SysMain - ok

17:49:10.0860 4680  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

17:49:10.0879 4680  TabletInputService - ok

17:49:10.0899 4680  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll

17:49:10.0949 4680  TapiSrv - ok

17:49:11.0002 4680  [ 048CFE7569D6ADCAB9349BB1A566A79E ] tbhsd           C:\Windows\system32\drivers\tbhsd.sys

17:49:11.0024 4680  tbhsd - ok

17:49:11.0042 4680  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll

17:49:11.0078 4680  TBS - ok

17:49:11.0145 4680  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

17:49:11.0211 4680  Tcpip - ok

17:49:11.0232 4680  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

17:49:11.0268 4680  TCPIP6 - ok

17:49:11.0307 4680  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

17:49:11.0320 4680  tcpipreg - ok

17:49:11.0338 4680  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

17:49:11.0381 4680  TDPIPE - ok

17:49:11.0406 4680  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

17:49:11.0419 4680  TDTCP - ok

17:49:11.0432 4680  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

17:49:11.0467 4680  tdx - ok

17:49:11.0591 4680  [ A4D2CE94B028EF1E437CF4AC3D8FF26C ] TeamViewer7     C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

17:49:11.0641 4680  TeamViewer7 - ok

17:49:11.0685 4680  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys

17:49:11.0697 4680  TermDD - ok

17:49:11.0723 4680  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll

17:49:11.0781 4680  TermService - ok

17:49:11.0798 4680  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll

17:49:11.0817 4680  Themes - ok

17:49:11.0829 4680  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll

17:49:11.0864 4680  THREADORDER - ok

17:49:11.0874 4680  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll

17:49:11.0931 4680  TrkWks - ok

17:49:11.0969 4680  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

17:49:12.0022 4680  TrustedInstaller - ok

17:49:12.0039 4680  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

17:49:12.0089 4680  tssecsrv - ok

17:49:12.0124 4680  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys

17:49:12.0147 4680  TsUsbFlt - ok

17:49:12.0165 4680  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys

17:49:12.0179 4680  TsUsbGD - ok

17:49:12.0214 4680  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

17:49:12.0259 4680  tunnel - ok

17:49:12.0272 4680  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys

17:49:12.0284 4680  uagp35 - ok

17:49:12.0304 4680  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

17:49:12.0357 4680  udfs - ok

17:49:12.0383 4680  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe

17:49:12.0416 4680  UI0Detect - ok

17:49:12.0446 4680  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

17:49:12.0459 4680  uliagpkx - ok

17:49:12.0480 4680  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

17:49:12.0503 4680  umbus - ok

17:49:12.0519 4680  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys

17:49:12.0542 4680  UmPass - ok

17:49:12.0566 4680  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll

17:49:12.0597 4680  UmRdpService - ok

17:49:12.0625 4680  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll

17:49:12.0683 4680  upnphost - ok

17:49:12.0736 4680  [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys

17:49:12.0760 4680  USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning

17:49:12.0760 4680  USBAAPL64 - detected UnsignedFile.Multi.Generic (1)

17:49:12.0815 4680  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys

17:49:12.0865 4680  usbaudio - ok

17:49:12.0890 4680  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

17:49:12.0920 4680  usbccgp - ok

17:49:12.0946 4680  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys

17:49:12.0967 4680  usbcir - ok

17:49:13.0007 4680  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

17:49:13.0044 4680  usbehci - ok

17:49:13.0084 4680  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

17:49:13.0114 4680  usbhub - ok

17:49:13.0129 4680  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys

17:49:13.0142 4680  usbohci - ok

17:49:13.0166 4680  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

17:49:13.0201 4680  usbprint - ok

17:49:13.0236 4680  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys

17:49:13.0252 4680  usbscan - ok

17:49:13.0293 4680  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

17:49:13.0339 4680  USBSTOR - ok

17:49:13.0357 4680  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys

17:49:13.0389 4680  usbuhci - ok

17:49:13.0439 4680  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys

17:49:13.0490 4680  usbvideo - ok

17:49:13.0516 4680  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll

17:49:13.0571 4680  UxSms - ok

17:49:13.0587 4680  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe

17:49:13.0600 4680  VaultSvc - ok

17:49:13.0647 4680  [ 6372EAA7CC0E8A2FC4BE7B3F2DE1ED62 ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys

17:49:13.0662 4680  VBoxDrv - ok

17:49:13.0691 4680  [ B996117F6202464A56901CBC13999FE2 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys

17:49:13.0704 4680  VBoxNetAdp - ok

17:49:13.0719 4680  [ 89835A2F779979F1D545E40F36D737E0 ] VBoxNetFlt      C:\Windows\system32\DRIVERS\VBoxNetFlt.sys

17:49:13.0732 4680  VBoxNetFlt - ok

17:49:13.0777 4680  [ F9BD6CFF0376D1DADDB1CB2F794D9BC7 ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys

17:49:13.0798 4680  VBoxUSBMon - ok

17:49:13.0832 4680  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys

17:49:13.0850 4680  vdrvroot - ok

17:49:13.0873 4680  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe

17:49:13.0914 4680  vds - ok

17:49:13.0931 4680  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

17:49:13.0947 4680  vga - ok

17:49:13.0952 4680  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys

17:49:13.0996 4680  VgaSave - ok

17:49:14.0017 4680  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys

17:49:14.0032 4680  vhdmp - ok

17:49:14.0042 4680  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys

17:49:14.0054 4680  viaide - ok

17:49:14.0079 4680  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys

17:49:14.0094 4680  vmbus - ok

17:49:14.0105 4680  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys

17:49:14.0137 4680  VMBusHID - ok

17:49:14.0159 4680  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys

17:49:14.0171 4680  volmgr - ok

17:49:14.0190 4680  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

17:49:14.0208 4680  volmgrx - ok

17:49:14.0228 4680  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys

17:49:14.0244 4680  volsnap - ok

17:49:14.0262 4680  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys

17:49:14.0276 4680  vsmraid - ok

17:49:14.0400 4680  [ CA64A8838B4674D14BDF88ABA2F253EA ] VSPerfDrv100    C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys

17:49:14.0411 4680  VSPerfDrv100 - ok

17:49:14.0468 4680  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe

17:49:14.0584 4680  VSS - ok

17:49:14.0606 4680  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys

17:49:14.0634 4680  vwifibus - ok

17:49:14.0650 4680  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys

17:49:14.0678 4680  vwififlt - ok

17:49:14.0700 4680  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll

17:49:14.0740 4680  W32Time - ok

17:49:14.0752 4680  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys

17:49:14.0784 4680  WacomPen - ok

17:49:14.0818 4680  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

17:49:14.0894 4680  WANARP - ok

17:49:14.0917 4680  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

17:49:14.0951 4680  Wanarpv6 - ok

17:49:14.0988 4680  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe

17:49:15.0052 4680  wbengine - ok

17:49:15.0073 4680  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

17:49:15.0094 4680  WbioSrvc - ok

17:49:15.0119 4680  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll

17:49:15.0155 4680  wcncsvc - ok

17:49:15.0175 4680  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

17:49:15.0227 4680  WcsPlugInService - ok

17:49:15.0245 4680  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys

17:49:15.0258 4680  Wd - ok

17:49:15.0311 4680  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

17:49:15.0358 4680  Wdf01000 - ok

17:49:15.0370 4680  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll

17:49:15.0446 4680  WdiServiceHost - ok

17:49:15.0450 4680  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll

17:49:15.0469 4680  WdiSystemHost - ok

17:49:15.0482 4680  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll

17:49:15.0515 4680  WebClient - ok

17:49:15.0532 4680  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll

17:49:15.0588 4680  Wecsvc - ok

17:49:15.0608 4680  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

17:49:15.0664 4680  wercplsupport - ok

17:49:15.0684 4680  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll

17:49:15.0721 4680  WerSvc - ok

17:49:15.0738 4680  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

17:49:15.0772 4680  WfpLwf - ok

17:49:15.0788 4680  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

17:49:15.0802 4680  WIMMount - ok

17:49:15.0816 4680  WinDefend - ok

17:49:15.0823 4680  WinHttpAutoProxySvc - ok

17:49:15.0877 4680  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

17:49:15.0939 4680  Winmgmt - ok

17:49:16.0008 4680  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll

17:49:16.0116 4680  WinRM - ok

17:49:16.0181 4680  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys

17:49:16.0228 4680  WinUsb - ok

17:49:16.0259 4680  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll

17:49:16.0304 4680  Wlansvc - ok

17:49:16.0308 4680  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys

17:49:16.0321 4680  WmiAcpi - ok

17:49:16.0345 4680  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

17:49:16.0371 4680  wmiApSrv - ok

17:49:16.0387 4680  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll

17:49:16.0411 4680  WPCSvc - ok

17:49:16.0431 4680  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

17:49:16.0465 4680  WPDBusEnum - ok

17:49:16.0488 4680  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

17:49:16.0523 4680  ws2ifsl - ok

17:49:16.0534 4680  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll

17:49:16.0566 4680  wscsvc - ok

17:49:16.0612 4680  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys

17:49:16.0660 4680  WSDPrintDevice - ok

17:49:16.0667 4680  WSearch - ok

17:49:16.0757 4680  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll

17:49:16.0868 4680  wuauserv - ok

17:49:16.0892 4680  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

17:49:16.0935 4680  WudfPf - ok

17:49:16.0962 4680  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

17:49:16.0997 4680  WUDFRd - ok

17:49:17.0030 4680  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

17:49:17.0071 4680  wudfsvc - ok

17:49:17.0096 4680  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll

17:49:17.0156 4680  WwanSvc - ok

17:49:17.0194 4680  ================ Scan global ===============================

17:49:17.0210 4680  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

17:49:17.0246 4680  [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll

17:49:17.0252 4680  [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll

17:49:17.0271 4680  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

17:49:17.0289 4680  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

17:49:17.0291 4680  [Global] - ok

17:49:17.0292 4680  ================ Scan MBR ==================================

17:49:17.0313 4680  [ 8E734BD7AA1D4F7E9AF58DF495F6CF9E ] \Device\Harddisk1\DR1

17:49:17.0462 4680  \Device\Harddisk1\DR1 - ok

17:49:17.0464 4680  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

17:49:17.0688 4680  \Device\Harddisk0\DR0 - ok

17:49:17.0689 4680  ================ Scan VBR ==================================

17:49:17.0702 4680  [ 6C2738E7F7F3B3B7C5F11C0D131734BD ] \Device\Harddisk1\DR1\Partition1

17:49:17.0704 4680  \Device\Harddisk1\DR1\Partition1 - ok

17:49:17.0724 4680  [ 26502E5E709C356C1AF11BBC182DBB12 ] \Device\Harddisk1\DR1\Partition2

17:49:17.0726 4680  \Device\Harddisk1\DR1\Partition2 - ok

17:49:17.0730 4680  [ 79623ABDFBB438E94400FA1022207885 ] \Device\Harddisk0\DR0\Partition1

17:49:17.0732 4680  \Device\Harddisk0\DR0\Partition1 - ok

17:49:17.0735 4680  [ 2DC892443313CE58F1088D5C027A2571 ] \Device\Harddisk0\DR0\Partition2

17:49:17.0737 4680  \Device\Harddisk0\DR0\Partition2 - ok

17:49:17.0738 4680  ============================================================

17:49:17.0738 4680  Scan finished

17:49:17.0738 4680  ============================================================

17:49:17.0752 4056  Detected object count: 2

17:49:17.0752 4056  Actual detected object count: 2

17:49:22.0102 4056  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

17:49:22.0102 4056  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:49:22.0102 4056  USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user

17:49:22.0102 4056  USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:49:24.0390 0992  Deinitialize success

Zitat:

Was bedeutet das?

Du musst Fragen schon konkreter formulieren sonst wird's sowas hier => :glaskugel:

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop.

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.